In the last year specifically we have noticed an influx of attacks on open source content management systems such as WordPress or Joomla.
Does this mean these CMS platforms are unsecure?
Not in the slightest!
Does this mean these CMS platforms need regular maintenance to ensure they stay protected?
For the love of god yes!!!
As security technology improves so do the techniques used by hackers all over the world.
This means making sure your site is well maintained and kept up to date from a security perspective has never been more important.
Especially now that Google and other major players in the IT world are doing their best to protect users from sites which have been compromised.
If you are not careful, you could find your site blacklisted by major systems such as Google and Norton – NOT what you or your web site visitors want!
What Do I Need to Maintain?
WordPress & Joomla as well as other systems will be constantly improved to address new security vulnerabilities as they are discovered.
While upgrading can be a complicated at the worst of times, this is great for those who are on top of their maintenance.
However, as the systems are upgraded these vulnerabilities are made public to all – goodies and baddies, so if you are not updating your site then all of sudden the hackers have a few hints on how to get into your system.
Theme & Template Files
Just like the core system and plugins, the files that drive your sites template or theme also need to be updated not only to fix vulnerabilities in the files themselves but to work with the updates to the core of the CMS.
Depending on the age and configuration of your site, this can be a very straight forward – or a very intensive process.
Not only do you need to ensure your plugins are kept up date as security vulnerabilities are identified and fixed; you also need to ensure you have proper protection from DDNS attacks and Internet Bots that are trying to access your system.
We use a combination of techniques to achieve this – including uptime monitoring and live scanning of traffic and file changes.
As well as your actual application, it is important to keep your server or hosting environment locked down to help you stay protected. This includes system uptime and traffic monitoring, firewalls and other security tools as well as OS updates.
An Updated Site Will Perform Better!
Updates aren’t just for security. Often they’ll improve the performance of WordPress itself, or of a plugin or theme.
For example, WordPress 4.1 included improvements to complex queries to improve the performance of sites using these, and WordPress 3.9 included improvements to the performance of the TinyMCE content editor.
Plugins also get updates to improve performance, perhaps to speed up scripts or queries or run more efficiently.
That Sounds Hard!
Nothing Worth Doing Is Easy!
However, with the right approach and the best tools – regular tasks such as system scans and running backups can be automated – but updates are a somewhat hands on process well worth going through.
If this all sounds like too much but you are focused on keeping your site secure – talk to us today to discuss the requirements of your site!
Or if you are unfortunate enough to find yourself already affected – we have brought our fair share of sites back from the brink!