Do you know what a privilege escalation, information disclosure, or unprotected file vulnerability is? Probably not, right? But I can tell you that they are very important for the overall security of your site and your customers’ information. Maintaining WordPress security is vital to your company website and customer information, however little you store.
Keeping Your Website Up-to-Date
A lot of small businesses think they can just put up a website and they are good to go. While there is a lot of tech talk in the linked article above, the reality is that there is a constant battle between improving WordPress security (websites in general) and hackers finding new holes to exploit.
Another excellent example is the Panama Papers fiasco, driven by poor WordPress and Drupal management, which you can learn about here. Again, the read is technical but the point is clear; keep your site, thus your customers, safe at all times.
A very large percentage of the world wide web runs on WordPress as their platform of choice. Unless you’re a web design expert yourself, you have no idea what features, plug-ins, and widgets are running on your site, much less which ones need to be updated against the latest threat.
Are You Using Premium WordPress Themes
Another thing you need to consider is purchasing premium WordPress themes. I know and understand your temptation. If I purchase this theme, I just swap out my text, logo, and images and this site will rock my market. The problem is that it is never that easy, and all of those buttons leave scores of inline CSS on your page, rendering it slow and inefficient. That isn’t really the security issue though.
Many of these themes offer you premium plugins too. Think, super cool slider mentioned above… The problem is that you get a copy of that plugin, not the actual license with the ability to update it. Hence, you may be running a vulnerable plugin, and not want to pay for updates since you already purchased an expensive theme. Trust me, pay it and chalk that up to a learning experience that nobody knows about but you (no hackers!).
Don’t Be a Mark
Another problem is that hackers know small business websites are easy to gain access to. These sites often lack an individual actually keeping their security up-to-date. This is why it’s so important to work with a web developer that not only builds sites but maintains them over time. At the very least, you want updates run once a month to make sure you have all the latest protections in place. Of course, it is also a good idea to make a backup prior to clicking any WordPress update requests…not to mention testing in a development site so users can’t see a plugin conflict ruining their live experience.
Smoother Functioning for Customers
In addition to security, regular updates can make sure your site is functioning smoothly. Maybe a website you linked to has changed its address. Now when customers click on it, they are brought to a dead end 404 page. This is not only frustrating for your customers, but Google also penalizes your site for dead links, which makes your business less likely to be found by people searching online.
Use These WordPress Security Tips to Tidy Up
Regular website maintenance ensures your site is in a constant state of safekeeping. Sure, no site is impervious to infiltration, but just maintaining your site when WordPress tells you to is a start. Another great idea is to install the Wordfence plugin, free from the repository. It keeps this site safe while I sleep (OK, I rarely do that), while my visitors browse. It works right out of the box, even better with some changes to default settings. Hopefully, as I continue my blogging journey, this sentence will link out to a nice post about how to set it all up. If you are looking to go all out on this yourself but not use a plugin to help, here is a great step by step guide on WordPress Security.
A good web developer will help you maintain your site over time, keeping it safe and easy for customers to use and find. So, as you’re in the market for a new or updated website, make sure you’re looking for a web developer that is willing to provide you that continuing support as well.