fbpx

WordPress Website Security Maintenance

We use the WordPress.org website engine CMS (Content Management System) for a lot of websites. We also work with other platforms and CMS’s as well.

WordPress is an incredibly versatile, flexible and robust professional website platform. For these reasons and many others, it is extremely popular. To keep your website secure (to avoid it being hacked), website security updates need to be done regularly, as do website backups. Many other security protocols need to be adhered to as well. Plus secure, quality and reputable website hosting needs to be selected.

Please note: All modern websites (not just websites created using WordPress) need to be security updated and backed up regularly… and be served from quality secure website hosting. It does not matter which platform your website is created on, security needs to be addressed 24/7.

If you are wondering if your website needs to be security updated, give us a call or request a quote. We can take a look for you and let you know.

We also offer Website Security Care Plans. If you own a WordPress website and want it looked after correctly so it remains secure, let us know. As part of our Care Plans, we also set up automated backups of your website.

Additionally, we provide WordPress website security hardening services. Below is a video that explains some of the basic ways to harden the security of a WordPress website.

When it comes to website security, it pays to be proactive. Prevention is key.

 

In the above video they suggest changing the default login URL. We definitely do not suggest doing that. Please watch the below video instead for information about this:

 

Why do people hack websites?

The are many reasons why people hack websites. This article contains just some of the reasons. Click here to read it.

Hackers are targeting small and medium-sized businesses (and their websites) here in Australia more and more.

To protect your website from being hacked, preventative care is needed.

Can I just security update my website myself?

In theory, you can. However, if your WordPress website has been poorly built, or is old (over 2 years old and has not been security updated at least every 2 months during that time), it’s likely your website will break if you try and security update it yourself.

If your site breaks and you have no recent backups of it, it’s often ‘game over’. This means your website will probably be a write-off, and could cost more to fix than what its current value is. At that point, you’re better off getting a new website built.

Plus, if your live website is not working properly, website visitors will either see that it is broken (which is never a good look)… OR they might try and perform an action on your website like buy a product (if your website has an Online Shop built into it), only to find they can’t complete their order because your website is broken. 

An even more common breakage issue: A website visitor tries to send you a message via your website enquiry form, only to find it does not work (because you didn’t know it was broken). This can be very frustrating for the website visitor and is also a bad reflection on your business. They may then decide not to try and contact you at all, and you will miss out on a potential new customer.

It is far better to have us do website security update work for you. We have ways to test your website first to find out if it will break or not. If we find it will break, we then do code-work (and other development work) to fix any breakages, before deploying the security updates to your live website.

Even if your website is relatively new, you can still break it if you try to security update it yourself.

How often should my website be security updated?

Your website should be security updated at least every 2 months (monthly is often best). It should also be security updates when a major security update is released by WordPress and/or when you receive a security alert. Really a WordPress website should be security updated as soon as new plugin, theme and WordPress core versions is announced… but only once you check (and are certain) that they are compatible with the version of WordPress you are using.

Correctly security updating a website gets technical quickly. It’s best to have a professional look after this for you.

If your website is getting on in years (older than a few years) you also need to make sure the website is only using reputable plugins that are still being security supported by their developers. One of the ways hackers hack websites is via outdated, unsupported plugins.

If you want to read more about this topic, there are many threads on Reddit (and elsewhere online), including this subreddit thread.

Is WordPress secure?

Yes it is, when set up and maintained correctly.

Just like any website platform, WordPress is very secure when secure quality website hosting is used (which we provide) and when website security maintenance is respected (when done correctly and done regularly), and when correct security protocols, tools & methods are in use.

Over 40% of all websites on the internet right now use WordPress as their platform. This data can be found in many places online including here. WordPress is SOO popular and a great website solution because it is excellent!

DON’T be fooled (a word of warning): No matter what platform your website uses, WordPress, Drupal, Squarespace, Wix, Shopify, Duda, WebFlow or any of the many others, ALL websites need to adhere to ‘web IT’ security best practices and be correctly security updated and maintained regularly… and also backed up regularly in case the worst should happen.

 

Skip to content