If you frequent business or start up forums, business networking events or any venue to discuss starting a web business using WordPress. You’ll often come across some know-it-all-web-guy, who proclaims
'Don't use WordPress it always get hacked!'
What smarty pants often omits to tell you is that
Over 70% of WordPress websites are not actively maintained & therefore susceptible to attack
Here lies the true nub of the problem, it’s not that the WordPress system is at fault, on the contrary, it’s the unmaintained older versions of the platform that are mostly susceptible to attack.
Why are older versions of WordPress at risk ?
There is no denying the popularity of WordPress, as an all round Web Content Management system, after all it powers over 20% of all internet sites. It’s growth has been amazing, starting out in 2003. It has gradually evolved and improved with every release and version. At the time of writing (June 2016) , it’s latest release is 4.5.3, which in itself is an important security release update!
Due to the fact that WordPress is so widely used and constantly tested in real world scenario’s , there is a constant feedback cycle! So if there are any issues, they are acted upon fairly quickly.
Here comes the first Dilemma, when the WordPress community create and release a security patch, obviously they would want to communicate this to as many people within the community, in order to notify them so that they can update their systems. Obviously people being people, would like to know more details about what’s in the security release and why they are at risk. So this information is dutifully communicated in Blog Posts, Email lists etc.
The trouble is the shadier sect of the internet community, also look out for this information. Once they gain an understanding of what they issues are, and more importantly which versions the issues affect. They will go search for these older versions of WordPress, and orchestrate an attack!
Why would you want to hack a WordPress site ?
This is a great question. The average WordPress website either used blogs or websites , most of the time both. However, it is becoming increasingly more common now, for people to run their entire business using WordPress, including e-commerce and Social Media platforms. Irrespective, of the type of website, most organisations and individuals will use them get User Information, i.e. Email Addresses, Names, Postcodes etc. In the case of e-commerce or subscription based sites, credit card information.
To your average hacker this is a treasure trove of information as it can be sold for cold hard Bitcoins. How else are they going to afford to buy all those Monster drinks and Fritto’s ?
How do Stop my WordPress getting hacked ?
So the answer to that is, you need to ensure that your WordPress website is not in the 70% unmaintained instances.
You will need to carry out regular maintenance on your WordPress site , also ensure your hosting provider has all the necessary security precautions on the server itself.
However it is important to note, that not all hosting services contracts actually include coverage of your actual website.
Hosting providers usually only guarantee that the server your website is hosted on is secure and backed up regularly, but the software and warranty of the software you use to create your website is often your responsibility!
Taking out a WordPress Maintenance package with threenine, not only ensures we migrate your WordPress website to our Dedicated WordPress Hosting servers, but also we ensure we carry out all the necessary maintenance tasks required to keep your WordPress website safe, secure and stable.