WordPress is the best content management system available. That’s been proven year after year with its immense growth.
But growing comes with challenges. One of those challenges is security. WordPress isn’t very vulnerable on its own. But when combined with plugins, themes, and various hosting environments, it opens the possibility of discovered vulnerabilities.
Yes, we know, nothing is perfect. So WordPress can be hacked on its own if a malicious hacker wanted to. But so can Squarespace and Wix and Weebly, and any other CMS.
There is one tried and true method for ensuring security with WordPress. This isn’t the only method, of course. But it’s one extremely important factor in ongoing efforts to ensure a safe environment for your website.
This method is updates.
Updating your WordPress instance to the latest version ensures that any security bugs found are patched. Updating themes and plugins does the same. Updating your host’s PHP and MySQL versions also help in the effort.
There are other reasons for continually doing updates as well.
Compatibility is a huge issue with WordPress. We like to say that the upside of WordPress is that you can do anything. The downside of WordPress is that you can do anything.
Knowing that you can install a plugin that is three years out dated and incompatible with the latest WordPress version. Or a theme that requires a feature of WordPress, or a function of WordPress’s code, which has been deprecated or discontinued.
These incompatibilities can lead to site breaks, downtime and lost revenue.
So between security and compatibility, there are two very important reasons to keep your site up to date.
Always check with your theme company, your plugin companies, and your host to ensure your site and its assets are protected.
Ronnie Smith
14 Oct 2017I think it would be a good idea to mention that WordPress can technically “auto-update” itself. While not technically a good idea as it can indeed break the site, it is still not a bad thing for those who just “forget”. In my experience it is easier to “roll back” your site than to leave it open for security hackers.