The Importance of Staying Up-to-Date with WordPress Core and Plugin Updates

Updates Happen

It is annoying when Microsoft or whatever antivirus program pops up and tell you that updates need to be installed and your computer needs to be restarted. It is an inconvenience at the very least and one that as a business owner you cannot afford to deal with during the work day. But at the same time updates need to be installed. Some updates are just new features being added while some fix security holes. Your WordPress site is no different.

When an update is released information about that update is provided to the world, whether it be from Microsoft, Norton, McAfee or any other company, If there is a security vulnerability that update now not only brings that vulnerability to someone’s attention but provides a potential roadmap on how to exploit it. Criminals will try to exploit any vulnerability for profit and in many cases a small company’s website, while not lucrative, is easy pickings.

The good, the bad and the ugly of open source

Remember that WordPress is open source, which means that anyone in the world can examine its code. This can make it easy to create cool new features or fix flaws but it can potentially lead to new flaws being discovered. New updates to the software close those holes but anyone running a website using an older version of WordPress can be vulnerable to an attack.

WordPress is easy to use and continues to grow in its popularity. That alone will attract the criminal element looking for an easy payday. When a website is compromised the owner loses more than just the control of their site. Thieves look for credit card and personal information to steal and chances are some of that is stored on your website. Your customers will curse your name when they have to cancel their credit card or spend hours on the phone disputing charges or fixing their credit and heaven forbid the thieves steal their information and use it file fake tax returns. And that is not the worst part. Not only are non-updated websites vulnerable they also make other sites on the server vulnerable as well.

The cost to your business could be extreme. A ransomware attack could cost hundreds or thousands of dollars and there is no guarantee that the attacker will honor their word and release your site. Fixing malware attacks will take time to potentially restore the system, to communicate with clients and the time your IT team (which could be you) will spend finding the vulnerability and fixing it. This time that is spent fixing the issue is time you won’t be using to run your business. After the vulnerability is fixed the fallout will continue. Not only will those customers who had their information compromised probably find someone else to patronize you may have a hard time attracting new customers. A breach could cost you everything you have.

The cost of not updating

A small toy company, Rokenbok Education in Solana Beach, California was hacked in 2015 during the Christmas holiday. Its database was infected with malware and their files were encrypted by the thieves. Four days later after rebuilding their system they were back up and running minus the thousands of dollars lost from potential sales during the holiday season. The hard truth is that criminals like to target small to mid-size companies since they lack the security budgets of Fortune 500 companies, not that they are immune either. Yahoo has been hacked several times in recent years and the fallout has cost them billions of dollars not to mention millions of customers and several executives their jobs.

Updates are more than just security flaws

Now WordPress updates are more than just security issues. Sometimes a new function is added to a plugin, theme, or a bug has been fixed that will make the plugin work more efficiently. In some cases as versions become old or obsolete the functionality of parts of the website will deteriorate or simply stop working. On occasion the WordPress core will need to be updated. So now that sparkling cool new website that you had is not what it once was. Also as new features, themes or plugins become available they may not all be compatible with older versions of the others. Updating is necessary to keeping your site running optimally.

Updating is easy to do but time consuming

While updating WordPress can be as easy as just clicking the Update button the process of doing a proper update is more than that. Release notes come with each update so read over them so that you know exactly what is being updated. Back up your site before performing an update. While nothing will probably happen do you really want to take the chance that something does and you have to start over from scratch? Also, if possible test the update on a developmental site rather than with your actual site. This will let any issues be discovered without going live so you can fix them without it impacting your site or know how to fix them quickly. Don’t forget that after the updates are installed to check your whole site to make sure everything is working as it should be. This can be a time consuming process but it is necessary to do properly. You would rather find the problem than one of your customers!

Let Nicely Done Sites do it for you

You take your car in for regular maintenance don’t you? If you want to keep it running in good shape you do. Computer technology is no different. The good news with WordPress is that it does not require an expensive trip to a garage and hours of downtime. It can be done with only a handful of clicks of the mouse and a little bit of time. What could be easier and cheaper than that? If this is not something that you are comfortable with or just don’t have the time to do Nicely Done Sites can help! We offer maintenance agreements that will keep your website running the way it should be.

Comments are closed.

Scroll to Top