Why you want to make sure your site uses the latest WordPress version
WordPress powers over 35% of all websites on the internet. So there is a high probability that your business website is created with WordPress.
How to check if my website is built using WordPress?
- Go to the BuiltWith website
- Enter your website URL
- Read the report and see what technology your website uses
- Check the CMS section and see if the latest WodPress appears
WordPress is available on most web hosting providers with a one-click installation. It is easy to set up and operate and it is open source, so free to use. That’s why many small businesses create their websites with WordPress.
Small businesses with low budgets will likely opt for a commercial theme, which can be used out of the box. Often they will install plugins for everything that is needed. And they will choose a cheap hosting provider, often in a shared server.
But WordPress is equally suitable at the enterprise level. It can be downloaded and installed on your servers. It is scalable, Flexible, and SEO friendly out of the box. On top of this, WordPress has a user-friendly admin interface. This makes it easy for a non-technical person to understand and update content. They can preview the page before it gets published. And, in the event of a content error, they can quickly restore a previous revision of the page.
This makes it the perfect platform for creating all types of websites.
Enterprise clients will most likely opt for the design and development of a custom theme. So they can have a more granular control over the look and feel and code that is developed.
Why do you need to keep your website updated to the latest WordPress version?
Independently of the option you have chosen to create your website, you need to ensure that it’s kept up to date. This apply to your WordPress core, your theme and your plugins.
If you fail to do this, you may get a nasty surprise and see that your website has been compromised.
When your site is hacked, it may not be obvious to notice. Often your website looks the same as usual.
Sometimes some code has been injected in the source of a file and it can generate pages that get indexed in Google. I.e. they are not visible on your website.
If you go to Google and type “site:yoursite.com” you can see what pages Google has indexed from your website.
Other types of hacks can do other things like redirecting your website to an external URL.
If your website has been compromised, this may also affect to other websites that you have on the server. Your hosting provider may decide to suspend your website. And you would need to spend a good amount of time and energy to find and fix the problem.
You can minimise the chances of this by keeping your platform up to date.
However you shouldn’t update your platform directly in the production environment. You should have at least a staging server where you can test the updates before you apply them to live.
There are two other important aspects, often neglected by many website owners.
- Using strong passwords
- Hosting maintenance
This is the easiest step you can take to reduce the chances of your systems being compromised.
Unless you use a managed service, you need to ensure that your server has the latest security patches.
We recommend Pantheon.io to host your WordPress websites, no matter how small or big they are.
Things that we like in Pantheon:
- You have a single panel to manage all your servers.
- By default, you get 3 servers out of the box, for development, staging, and production. They all include an SSL certificate .
- You can see the status of each server, and password protect them as needed.
- You can create backups, and restore your website to a previous version with one click.
- The WordPress core, as well as the plugin code, is write-protected in live and test environments. This feature protects against unauthorized updates that can result in compromise.
- You can update your WordPress to the latest version with the click of a button.
- Then you can deploy your code to test and sync the production database, so you can safely review the new version.
- You can create a branch of your project to develop new features or change your website. This allows you to continue doing normal work on your website while the new version is developed.
Is WordPress secure?
Some critics will see security as a limitation.
As mentioned above, WordPress powers over 35% of all websites on the internet. So will all possible combinations of plugins+themes out there, it is reasonable to think that there are vulnerabilities.
However, there is also a great community around WordPress to ensure these things are patched asap.
So if you keep the WordPress platform and server well maintained and updated, all should be good.