The Easiest Layer to Website Security
September 21, 2016
How We Protect Your Website
October 5, 2016

The Biggest WordPress Security Vulnerability

16-percent-out-of-dateA recent report done by a security firm named Sucuri discovered that out of the 11,000 + infected websites analyzed, 75% of them were on the WordPress platform and over 50% of those websites were out of date (read full report).  The core files for WordPress are actually quite secure. It’s the files that extend the functionality of WordPress, namely plugins and themes, that are the weak link.

Term Definition
Theme A WordPress theme is like the clothes your website wears.  Just like clothes, you can easily change the way your website looks simply by switching themes.
Plugin Plugins can easily be installed to add special functionality to WordPress that doesn’t come out of the box.

Both plugins and themes are purchased or available for free from third-party developers. While one would expect these developers to take security seriously, not all developers have the expertise to create secure code and many don’t have the time to update their plugins or themes regularly.  Furthermore, most plugins and themes are not regulated by any governing body which means anybody can create a theme or plugin for public distribution.

Before you get panicky, here are a few way to protect your website from security vulnerabilities within third-party themes and plugins.

  • Always check reviews for themes and plugins and read them as thoroughly as possible.
  • Before downloading a plugin, be sure you can’t achieve the same functionality with code written directly into the child theme.
  • Check version history to see how often the author of the plugin or file has pushed out updates and if there were any major security breaches they resolved with those updates.
  • Do research on the theme or plugin using a search engine.  We like to put in the name of the theme or plugin plus the words “security breach” or “security issues” to see if anything pops up.
  • If you have coding experience, take a look through the code and see if anything catches your eye as suspicious.
  • If you install a plugin or theme and it significantly slows down your website, that might be an indicator that the plugin or theme is poorly written.

There are many more tips we could give, but we don’t want to bore you.  Instead, we want you to know the number one thing you can do to protect your website is to keep third-party files and WordPress core files up-to-date.  While most of the time these updates are making the WordPress engine, theme or plugin a better user experience, sometimes, they patch security vulnerabilities.  It’s also important to note that if a plugin or theme has not been updated by the developer in a few years, it’s time to move on to another theme or plugin.

Many website owners are simply not interested in keeping their WordPress core, plugin and theme files up-to-date.  They fear something might go wrong and their website may not work properly or they don’t have time to mess with something so technical.  We get that and that is why we have managed WordPress hosting.  We do regular backups and updates to your files as part of our hosting solution.  We can also take a look at your theme and plugins and make some security recommendations.  Don’t let the dust settle on your website making it vulnerable to attack.  Let us do the work for you.


Need managed wordpress hosting?  Read more about our services.

Really interested in this topic?  Read ‘Website Hacked Trend Report 2016 – Q1’ by Sucuri

Comments are closed.

Testimonials

  • Debbie P.
    Laura is a fantastic web developer! She’s developed three websites for me and it’s unbelievable how quickly she can get a project done! She’s decisive and thorough, but also creative and understands the whole process and how everything fits together. One of the things I appreciate most about working with Laura is that she’s very dependable and responds to emails within the hour. Her training videos explain things clearly and easily, even to a novice like myself. Thinking of creating a website? You can’t find anyone better than Laura.
    Debbie P.
    Rome with Purpose
  • John R.
    We reached out to Laura at D3 Solutions after our website had a security breach. She was extremely responsive and had the issue cleared up right away!
    John R.
    Classy Career Girl
  • Adam G.
    I can't recommend Laura and D3 Solutions enough. Laura is extremely knowledgeable. We received a highly detailed response within an hour of emailing her. Our Chief Technology Officer immediately said to me, 'Wow, she really knows her stuff.' We had reached out to a bunch of companies before D3 Solutions and he never said that. Most importantly, Laura is extremely reliable. She delivered on every promise she made (in many cases going above and beyond) and I couldn't be happier with the end result. I live for my business and Laura clearly does too. I sincerely feel so lucky and grateful that we stumbled upon her website. I look forward to a long partnership with Laura and D3 Solutions!
    Adam G.
    MyBodyTutor, Inc.
  • Dr. Steve W.
    We sought out the expertise of Laura and D3 solutions based on the recommendations of trusted colleagues and the need for a web developer who could understand our unique needs. Laura’s reputation is well earned as she was able to deliver a truly incredible product that exceeded all of our expectations. Her communication was timely and through a balanced combination of expertise and creativity, she was able to transform rough sketches and basic ideas into a captivating website that now serves as the centerpiece of our mission and work. Laura was patient with our questions and sensitive to our concerns. In every possible way, D3 Solutions demonstrated the highest level of customer service. In the end it became increasingly clear that for Laura and D3 Solutions, the people they serve are far more than clients, they are partners.
  • Chuck J.
    D3 Solutions is my go-to company for web development and website hosting. They provide solutions I can feel confident in, stable and secure servers and responsive customer service, all at a price I find very competitive. I could not do what I do without a partner like D3 Solutions.
    Chuck J.
    Chuck Jones Direct
  • Paul D.
    A couple of years ago I hired a company to rebuild my website, and when the process stalled out, Laura came in and salvaged what could have been a disaster. Since that time she has worked to maintain my website and has proven to be highly skillful in what she does, responsive, and ethical. I would recommend her without any hesitation.
    Paul D.
    EcoGreen Landscaping
  • Dave S.
    It has been a true joy working with Laura! She was involved from the initial thoughts and concepts of what we wanted in a website to then seeing our vision fully realized in a very professional and attractive site. Laura helped us work through ideas, and offered expertise in how to best implement them in a manner that made sense and was best utilized by our target audience. We are thankful that the relationship is ongoing with advice and troubleshooting being just a phone call or email away. I highly recommend you consider Laura for your website design and development!
    Dave S.
    Mentoring Timothy
  • Jeff J.
    I have had the pleasure of contracting Laura and D3 Solutions for a number of website design and maintenance issues over the years. She is always professional, efficient, fairly priced and a delight to work with. I highly recommend her.
    Jeff J.
    Ark Music