Get in Touch: firstname.lastname@example.org
In short, keep the software up-to-date.
Every so often, a headline will get people all worked up about WordPress, decrying its security and declaring it to be awful. One of these headlines hit the internets last week…
WordPress plugin exploit puts more than one million sites at risk. The vulnerabilities could lead to a complete site takeover.Barclay Ballard, TechRadar
Of course, no one wants that to happen. Remember, software is written by humans. Sometimes humans make mistakes. Let me paint another picture about WordPress though. First, the community involved with building it and plugins for it is massive. Second, the community supports each other. These are two very good things.
In the case of the plugin that was found to have security flaws, the problem was fixed pretty quickly. The folks at Wordfence updated their software to protect users against exploitation, and the team behind the plugin got to work and updated the plugin.
So now it’s secure again. However, this doesn’t mean that every website using the plugin is automatically updated and secured. This is a big part of maintenance. Keeping tabs on software updates and making sure everything is up to date is a best practice for WordPress security. Please don’t take it lightly.