Over the past few months, we’ve noticed a marked increase in the number of WordPress websites being hacked. As well, the frequency of updates to both the WordPress core and the various plugins also seems to be on the rise – within days of doing an update there are more available. With this in mind, keeping your site up-to-date is more important (and more time-consuming) than ever before.
In your WordPress dashboard, you can see how many updates are available right at the top, beside the name of your site. Clicking this will bring you to the updates screen, allowing you to apply any available updates. We do recommend taking a backup of your website database, as well as the wp-content folder of your site, just in case there are any hiccups in the upgrade process. Many hosts do regular automatic back-ups, so we suggest finding out what their policy is. They may be able to roll back the site should you have a problem (this may or may incur a charge, so check that as well).
In light of all of this, we’re upgrading our WordPress hosting packages to apply updates automatically. We’ve seen very few issues related to these automatic updates, however to be on the safe side, you’ll be notified any time an update is completed so you can do a quick check of your site to be sure everything is working as it should. If you notice any issues, please notify us right away with as much details as possible.
If you’re not hosting with us, we have a really great WordPress hosting package, or you may wish to consider adding a plugin like Advanced Automatic Updates to do this for you. In conjunction with a plugin like BackUpWordPress, you’ll know your site is safe and secure, as well as having your own backups.
Here are some other tips & tricks to keeping your site safe and secure:
- Remove disabled plugins and themes (even though you’re not using them, hackers can use them to get into your site).
- Keep log-in details secure. Ensure that you have a complex alphanumeric password for all WordPress accounts: http://www.awebthatworks.com/wordpress-wednesdays-creating-secure-passwords
- Update FTP, email accounts, hosting control panel and WordPress dashboard passwords on a regular basis: http://www.awebthatworks.com/how-do-i-update-my-hosting-passwords
- Use software to ensure your computer is free of viruses and malware.
Taking a bit of time in advance to ensure your site is secure can save you from a huge nightmare down the road, should you be one of unlucky victims of hacking.