Over 100,000 websites are now infected with a very bad malware. In December 2014, the internet was attacked and a website soaksoak.ru was thrust into the news. The media immediately blamed WordPress as an insecure web platform… fortunately they are wrong!
WordPress is a community supported content management system millions of businesses use every day. When managed properly, WordPress is typically one of the safest platforms available. So, what happened?
but, I’ve been busy
The massive attack on websites running WordPress occurred because a slider plugin had vulnerabilities that the hackers exploited. They used the bug in the plugin to deposit malware on the website and inject itself into the web pages that were being served from the website. Now, this seems like something someone should have fixed, and fixed fast! Well, this bug was fixed… in February of 2014. So, how did this attack happen? How can something fixed 10 months earlier cause so much trouble?
it turns out you can’t set it and forget it!
WordPress plugins can update simply by clicking on the update link in the Plugins section. The problem is most people don’t think about their website from a maintenance point of view. They get busy running their business and suddenly they are significantly out of date on the software that runs their website.
Another problem, occasionally plugins will fail when they update. Sometimes in the update process, sometimes they change significantly and stop working the way you intended. In these cases it goes beyond a simple click of a link. Usually it requires some attention, but not to the programmer level. I have seen some plugins require a significant effort to recover, but usually well respected plugin authors are careful to make sure they are backward compatible.
so, how can I stay up to date?
One way to keep your website safe and secure is to hire a company like VS Productions to maintain your site and keep it pristine. We take care of updates and will inform you in cases where plugins are no longer maintained. That’s where an author decides it is no longer interesting to them and they stop working on it. It happens. If the code is secure, no problems. If not, a new, more secure plugin can usually be found. We work with WordPress every day, so that’s where we can really help.
Once a website is infected, it becomes much harder to clean it out. That requires time & attention and usually that adds up. We tried to price our service in a way that keeps you up to date without costing you an arm and a leg. Take a look at our pricing and get your website into a managed, safe, secure state!
WordPress Maintenance & Security
|click for details||
|WP core updates|
|Verify plugins maintained|
|Remove spam comments|
|Simple site changes|
|Block spam IP addresses|
|* up to 1 per week|