Ensuring your WordPress sites are all updated …

Updated with respect to the various plugins and the themes being used on the site. It may seem something that seems important, but it cannot be emphasized enough about how important this particular procedure is. Very recently I had a friend lose his site (in fact, lose multiple sites) because one of the sites had not had its plugins updated to the most recent version. What happened was that one of the sites which did not have its plugins updated to the latest version got hacked. The specific plugin had a security hole that had been diagnosed some months back and a fix was also available through an updated version of the plugin, but since the plugin had not been updated, it was hacked. This hack enabled the hacker to get through to the base level of the site, which allowed the hacker to access the other sites as well (since they were all hosted on the same server as part of the same hosting package). For people who have multiple sites, it makes sense to ensure that all your sites are updated to the latest version for plugins, for the WordPress version, and for themes.
There are many security plugins available for WordPress that send out emails whenever they detect a newer version of a plugin, and maintaining and upgrading these components of the site should be part of the overall time budget for running the sites (it really does not take too much time to do it, and the effort involved should the sites get hacked is tremendous). I use a plugin called Wordfence Security (there is a free version and a paid version of this plugin), which ensures that I am aware of any potential problems on the sites. I have had a hack of my sites some years back, and hence am very careful now to ensure that my sites always remains updated. As a part of this, there is also a need to ensure an automatic backup program that will backup all the posts on a periodic bases should the worst come to happen, i.e, because of a hack, the contents of the site are totally lost.
Wordpress has also made this much more easy, with an automatic way to do this. Suppose you get an option where you have a configuration option to do an automatic download and installation of these plugins, in such a way that when the system knows that a newer version of a plugin is available, it will, after some time, do an automatic update of the plugin. This system runs through the use of the Jetpack plugin; this plugin has an option called ‘Automatic Updates’ which needs to connect to WordPress.com (where you need to have an account, or create one if you don’t have one). There, the plugins that you have on your site are listed, and you can select to enable the Autoupdates option for whichever plugin you want (I have done this for all plugins). You need to do this for all the sites that you have that are hosted on WordPress. It is a one time effort, but well worth it.

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>