Are those annoying update notifications on your WordPress dashboard important?

In the immortal words of Bill Lumbergh from Office Space:

“Ah. Yeah…”

Most of the WordPress updates are often released to fix potential security issues. It’s not a stretch to say that if you don’t update your WordPress software often, you’re all but guaranteed to get hacked at some point. Hackers love to find holes to install malicious malware or just be general nuisances. This can be very troublesome and often times expensive to fix.

Kiss Your Bing and Google Rankings Good-Bye.

All too often, unless you’re one to look at your site frequently, your site may have been hacked already for days, weeks or even months. When your website is hacked you may instantly lose your position in search engine rankings. Google for example de-indexes websites with malicious scripts and will even place a warning to advise users to stay away. Hacked sites can not only cost you prospects and clients, but in some cases your content can be lost.

Update Your Plugins Too..

Plugins are equally important to update if not more so. Often times the plugins pose more of a risk to your site. Update your plugins often, if there hasn’t been an update offered in a long time, check to see if it is still supported. Choose wisely when using plugins. We like to check the reviews and see how old a plugin is before we implement it on one of our sites.

“I don’t click the update link because I’m scared!”

The truth is sometimes the updates are not compatible with the current theme or plugins on the website. This a perfectly valid concern.  The site files should always be backed up along with the database in case something goes wrong. If the website hasn’t been updated in a few years for example, incompatibility issues are almost certain to arise.

There are tools (plugins) available to help with this process or you can hire a professional WordPress developer to do this for you. Some companies offer various forms of managed hosting to automatically install updates and check for conflicts .

With All These Updates and Security Concerns, is WordPress Safe?

You bet. 1 out of 6 sites are running WordPress. WordPress developers are always working to improve security, performance and search for loopholes. A well maintained WordPress site using a little common sense is the perfect tool for managing your own content.

A few tips:

• Always keep  Wordpress software and plugins updated to the most current version. If you’ve hired someone  to take care of your website, be sure to ask if it’s being done!

Create a unique username.  Don’t use the standard ‘admin’ user name.  If it was created automatically, create a new user with administrative privileges with a more unique username and delete the admin account once you’ve logged in with the new one.  For even more security in your username use upper and lower case letters and a symbol or two thrown in for good measure.

Create a tough password. It should be at least 8 characters in length and a combination of upper and lower case letters, numbers and a symbol or two thrown in there for good measure.  Refrain from using family names, names of pets or birth dates as this information can usually be discovered pretty easily. (facebook anybody?)

Choose your themes wisely.  Free themes outside the WordPress Theme Directory may be open to security risks. Avoid searching for “Free WordPress Themes”. You’ll be better served to hire a professional theme developer , buy a well documented and supported “premium theme” or again, use the WordPress Theme Directory when searching for free themes.

Change the Database Tables Prefix. With most WordPress installs the database name has the default prefix of wp_xxxxxx.   Hackers know that, and that’s why many of the security attacks that take place exploit this default. There are plugins to help you do this, or hire a professional.