Research shows that over 60% of WordPress sites don’t run the latest version of WordPress or plugins they’ve installed.
Did you know that this means you are vulnerable to getting your site hacked? Updating to the latest version of a plugin is essentially locking your website to make sure no one can get in. A criminal does not need an open door, an open window or even thin glass to stop them. It’s the same with software: they don’t need a password to maybe do malicious things to your website. That’s why we always give high priority to possible security issues in our plugins.
Creating your own WordPress site is both exciting and overwhelming. There are so many elements to creating a website. Yet, the one thing that we often see is website not being secured or up to date.
WordPress powers almost 35% of the web. That means more than a third of all sites share similar vulnerabilities, making it a lucrative target for hackers. So is WordPress still really worth using? Aren’t we just opening ourselves up to being hijacked?
With the right knowledge, using WordPress is arguably just as safe, if not safer, than making your own website.
WordPress users have access to hundreds of resources, like this one that can help patch security holes, making it all but impenetrable. Let’s go over the pros and cons of WordPress security in detail, and give some tips for making your website safer.
What is website maintenance?
In the 1990’s websites used to be ‘set and forget’. They were built using HTM and CSS code. They were simpler websites, served as online brochures. WordPress maintenance didn’t exist, it wasn’t something you had to worry about.
Today, website are more complex. You use your website as part of your marketing efforts to get new leads, service customers, transact online and much more. Because theya re more complex, we need to maintain them.
Website maintenance is when you regularly login to your website and perform software updates for all plugins, theme files and WordPress versions. When updating your site, you are also checking for any issues, mistakes, code displaying where it shouldn’t be, elements missing from a page.
Regular updates should be done to keep your website healthy, encourage traffic to grow and help improve your SEO and Google Rankings.
Keeping your website maintained is important for all sites, big or small. It’s very much like maintain your car, you have regular services on your car. If you don’t service your car and something goes wrong, it’s often more expensive to fix.
A lot of people often think a website doesn’t require updates, so they just get it created and then never login again. Technology moves so quickly and we need to keep websites up to date to avoid any conflicts with new technology, new devices and browsers as well as keep the hackers away
Quick Website Stats
The number 1 reason to keep your website up to date:
WordPress, plugin developers and theme developers are continuously update plugins improving any security patches and release them on regular basis. Hackers are always trying to exploit venerable out of date software.
Majority of the WordPress updates are security releases. Updates are required to keep your site protected as well as other updates. You can view a list of WordPress releases here:
Additional security measures include:
- Secure Hosting Provider – check your website hosting provider has a high priority for security
- PHP Version – Too many hosts still run on PHP 5, which has long lost support. At this point in time, servers should at least use PHP 7.0+. The same goes for other software like cPanel, MySQL or other database programs, and the operating system.
- Malware monitoring and removal – Not all web hosts have a policy for removing malware from an infected site, and among those that do, some will charge extra for this service. Check what they provide. you can also sign up to a Sucuri account to add extra protection.
- Firewalls and other security measures – Check if your hosting provides this, or you can get Sucuri to add a firewall to your site.
- SSL Certificate – ensure your site has an active SSL certificate and installed correctly.
- Backups – check they preform daily backups of the site. You should also keep your own off site backups incase the server goes down and they loose any backups.
Additional considerations to keep your site secure:
- Consider adding a Website Application Firewall like Sucuri if you don’t have one. This will add another layer of protection to your site. This will help instantly block hackers, add DDoS mitigations and preventions.
- Use Wordfence to automatically lock out attempted logins fir invalid usernames.
- Rename you’re your default wp-admin page to a unique url you will remember.
- Enable 2 factor authentication.
Why does WordPress not update like your iPhone?
iPhone iOs releases updates about once a year with a few in-between for security fixes. With websites, the WordPress community is very quick to react and spot any vulnerabilities. For this reason, WordPress make regular updates. With over 50,000 plugins and multiple versions of WordPress a year, there are often conflicts. For this reason, all software needs to be updated to be compatible but also cross checked for conflicts.
How do you maintain your website?
There is a list of tasks that need to be done to keep your website running smoothly and secure. Updates are released to improve performance, update bugs/glitches, remove conflicts and much more.
Here is a list of website maintenance tasks that should be completed each month if not weekly:
- Daily backups – check your host is doing backups but also keep your own offsite backups. This is important if something goes wrong such as a small mistake, elements are broken or if the website is gone. Take a backup before doing any updates so that you can restore it if something goes wrong. You can do backups using plugins such as UpdraftPlus or BackupBuddy.
- Update Plugins
- Update Theme Files
- Update WordPress
- Optimise your Database
- Check your contact forms are working
- Remove any spam comments
- Remove post revisions
- Check any broken links
- Check for 404 errors
- Check security settings and scan website for malware. Ensure you have a security plugin activated eg. WordFence or iThemes Security.
- Check website performance/speed
- Check pages are loading without errors
- Check google search console for errors
- Test your site on all devices
- Review user passwords – check password to ensure they are strong.
Additional tasks to the core WordPress maintenance you can do is:
- Write a new blog
- Recheck website loading speed
- Recheck security scans
- Review google analytics statistics
- Review local search visibility
- Check for content updates
- Review your website – what could be improved?
- Update any imagery and content
- Review your Meta title and meta descriptions
- Review Google Search Console for any Errors
- Review plugins and remove any you don’t use
- Preform a website health check
- Preform a website tech audit
- Review any call to actions to see if they need to be tweaked or updated
- Update your copyright date in your footer
- Review content on your site
- Check SSL renewals are in place
- Check for your domain renewals
- Review your website strategy and goals
Why is Website Maintenance important?
Your business website is an important asset. There are many reasons to keep your site maintained, healthy, secure, and error free.
Updates to your website software can improve the sites performance and speed. Speed is one of Google’s ranking factors.
Google wants to rank websites that are most relevant with up to date information. If Google detects your site has many broken links, malware, hasn’t been updated in a long time, it can affect your google rankings.
If a customer visits your site and it’s loading slowly or site seams broken, they are less likely to purchase from you. If your contact forms are not sending you emails, you are missing out on leads coming through your site.
The most important reason to keep your website maintained is for security reasons. Software developers for your plugins, themes and WordPress are regularly updating the software to bugs, performance and security patches. The main reason a website is hacked is because it has out of date software.
Peace of Mind
Knowing your website is up to date, running smoothly on the latest version without any conflicts can take a lot of the stress away. If you are running daily backups, you have the peace of mind that if something goes wrong, you can revert back to the last backup without having to rebuild it from scratch.
Advantages of paying someone to maintain your website.
You can of course maintain your website by yourself but it will save time and stress to pay someone to maintain your website.
Here are some benefits of getting someone to maintain your website:
- Experienced team of experts who do this regularly and are aware of know issues in the industry and can trouble shoot any issues if they arise.
- Peace of mind that your website will run the latest version without conflicts
- Support desk for any issues
- You can focus on other areas of your business
Don’t skimp on Website Maintenance
Just like a car or home maintenance, website maintenance is crucial. It’s important and can save you time, money and unnecessary trouble in the long run.
Schedule maintenance time in your calendar and stick to them. Your website will thank you!
Let us help you
Website maintenance can be daunting, however it’s doable. If you need help, Smart Robbie offers affordable website maintenance packages, cancel at any time.
Find out more about our website maintenance packages.