Is WordPress management leaving you open to the world?
Nothing in the digital world stays still very long. WordPress and its associated plugins are no exception – but what does that mean and why do you need to regularly maintain your website?
WordPress has grown since 2003 to become the most used content management system in the world. It exists as an open source platform, which means that any developer, with any skill level (or motivation) can create a plugin. A plugin is a packaged-up piece of code which saves time and effort for website developers.
Plugins can run form enquiries, ecommerce stores, Google maps, calendars, photo galleries and almost everything in between. They are hugely powerful and a key component to WordPress’ success – but we also need to approach them with caution.
The number one way that hackers will access your website is through outdated themes, plugins and old versions of WordPress. So let’s unpick this.
Are plugins safe?
Only if they are kept up-to-date and are from a verified developer. The sad reality is that not all plugins are developed with good intent.
Put plainly, a plugin means you have allowed someone else’s code onto your website. This speeds up development and also means you or your developers don’t need to invest countless hours learning new techniques or methods – you can pull on someone else’s hard work. When a plugin is accepted into the WordPress library it is safe, but it doesn’t necessarily stay that way. The constant battle against cyber hacking and data breach means that plugins are always susceptible to malicious attacks.
Plugins evolve regularly to maintain protection against these attacks. This comes in the form of a “plugin update”. Any plugins which are out of date run the risk of having gaps in the code which may open the door for malicious entry to your website.
So how do I stay up to date?
On the surface all you have to do is log into the backend of WordPress, click “update all” on your plugins and, if a theme or WordPress update is available, update this with a click as well.
Unfortunately given that your plugins sit within your theme and your theme sits within your WordPress structure, there is plenty which can go wrong simply by updating.
If a plugin developer has added some new code structure to patch a security issue, it’s very possible to break parts of your website because the theme, WordPress and plugins stop being compatible with each other.
Part of a regular WordPress management and maintenance routine involves reviewing and protecting the website against issues caused by updates. That’s why there are comprehensive packages on the market, acting as insurance against updates by taking the process of dealing with them out of a website owner’s hands.
So what do we recommend?
There is no shying away from keeping your website theme, content management system and plugins up-to-date. You need to either have the technical competency and confidence to triage issues and identify weak code structures in your website or have a specialist service provide this.
When looking for a provider, make sure the following things are included:
- Complete (and regular) backup of your website in case anything does happen – at a flick of a switch you can be up and running again.
- WordPress and theme updates. Don’t get stuck just updating the plugins, if the wider architecture is exposed it won’t matter how much updating you do of plugins.
- Development hours to fix issues. If anything does go wrong with the updates you don’t want to have to fork out for hours of developers’ time. Make sure your package works as an insurance against having to pay for a rebuild every month.
If you’d like to know more about what a maintenance package looks like, or how you can confidently set and forget about monthly maintenance get in touch with me.
Glenn Langridge is an expert in digital campaigning and data analysis, including the use of analytics to inform and guide digital strategies. Contact Glenn.