Updates and Security

If you have a smart phone, tablet, laptop or desktop computer you know about software updates and security.  When one of the big companies make a mistake in their updates and our security is compromised then that means there is a new update coming soon, or hopefully.

I’m currently designing and managing fourteen different websites all built on the WordPress content management system (CMS).  I’ve needed to decide to update the plugins and themes I use on a weekly or even sometimes a daily schedule or do I let them go for two or three months then update everything?  I always feel if it isn’t broke then don’t fix it/don’t update it.  As I pickup larger clients that need more than just a blog built on the WordPress system it is necessary for more plugins to build these sites.  The result is more time updating plugins and checking to make sure they are still working in conjunction with the other plugins and the theme.  I would say 90% of the time they work fine and I can move on within minutes to the next project.  But those times that more is needed than just a quick update there security risk and other issues that need quick resolution.

One of my clients I designed their site on my own from the ground up.  They were really pleased with the work I had done on their flagship site they brought me on board with other sites they also own.  In the process the premium themes they were using on each site are a little different and the developers decided how the plugins should be installed and updated.  They had also purchased premium plugins that needed to be connected with  APIs and usernames to get the updates otherwise they needed to be manually updated and it is never obvious when those updates are needed.  As I worked on these sites that were designed by others I was finding one at a time premium plugins that were not registered properly or updating with everything else.  As other updates were being done these old plugins started presenting security risk to the point the host server shutdown all their sites because of malware from outdated plugins.

As I learn and grow my design skills on the go a lot of the time is being consumed by updates and security.  I use brute force software to change the generic settings of WordPress so the sites aren’t as vulnerable but even that doesn’t secure the site 100% and many days it is an ongoing battle to keep all the sites secure.  I’ve had sites hacked and go down because of a lack of security, I’ve had sites crash because of outdated plugins that were working one day and installing malware the next.  I don’t fully understand why this happens all I know is for my sites and my clients sites they need plugin and theme updates/checks once a week to make sure their security and it is never a once and done job.  Some clients won’t understand this and don’t want to keep me on retainer to insure their site security— until the worst happens and the site has to be rebuilt from the start.

So update you plugins, themes, and content management system software often— or you might be completely rebuilding your site that has been taken down by hackers!

 

photo credit: [martin] via photopin cc