You’ve heard it before, and I’ll tell you again right now: software updates are important. This is especially true for software assets which are publicly accessible, such as websites making use of a content management system. Yes, you guessed it, this includes the WordPress CMS.
WordPress Updates Are Important!
Question: Generally speaking, why are software updates stressed as being so important?
With the level of interconnectivity inherent in the majority of today’s technology, software is needed to manage access to administrative areas and to process user requests.
As such, software is a prime target of malicious activity. Unlike hardware, the software component of a system is, in almost all cases, accessible via the internet. This may be for either administrative purposes or for the public to interact with the software’s offering. Regardless of the reason, public access means that hackers and wrongdoers have the ability to test the software for vulnerabilities in its code in order to exploit them.
This is where software updates come into play. As vulnerabilities are uncovered the software’s developers will “patch” the software’s code in an effort to eliminate the specific vulnerability. Once patched, the necessary code updates are issued out to the software users in the form of updates.
Therefore, using outdated software can be likened to using a password which becomes more and more insecure as time passes. To reset the password to something more secure, the software updates simply need to be applied.
Question: But why are WordPress Updates so important?
WordPress Updates could be considered more important than updates for most other pieces of software for several reasons:
- WordPress is open source.
- WordPress is multi-faceted.
- WordPress is popular.
- Maintaining WordPress Functionality and Usability.
The code which is used for each WordPress installation is open source. This means that it is available for anyone to download, including hackers. This allows those with malicious intent to examine the system at the code level, in detail, seeking vulnerabilities. Additionally, all freely distributed WordPress themes and WordPress plugins are also open source. This includes both the WordPress Theme and WordPress plugin repositories: https://wordpress.org/themes/ | https://wordpress.org/plugins/.
The term “WordPress Updates” is often used as a blanket moniker covering all forms of updates needing to be applied to a WordPress website. In addition to the WordPress Core, any installed WordPress Plugins and WordPress Themes will also require updates. This means that WordPress operates with multiple pieces of individual software which need to be updated independently. Each piece of software is a potential source of vulnerability. With this being the case, the more pieces of software your website uses, the more opportunities hackers have to find vulnerabilities and, subsequently, the more important it is to apply WordPress updates on a regular basis.
All of the popularity WordPress has garnered over the years, combined with it being an open source platform, makes it an emphasized target for hackers. For the hackers, this all boils down to ROI (Return on Investment). By investing their time into uncovering vulnerabilities within a popular system such as WordPress, they increase the likelihood that they will be able to exploit the vulnerability across multiple different websites. And, in the case of non-regularly updated WordPress websites, for months or years to come.
Just as WordPress developers release updates for their software to patch security vulnerabilities, they also issue updates to maintain compliance with web standards and to meet the requirements of the systems their software must interface with. As an example, imagine a WordPress plugin which allows you to post to Twitter directly from WordPress. To do so, the WordPress plugin must interact with the Twitter system via an API (Application Programming Interface). Put simply, an API allows code to be kept secret on the server while providing WordPress developers with a way in which they can interface with it. As Twitter makes changes to their system, they will also make changes to their API. When this happens, the WordPress plugin’s developer must update his software and provide an update. If this update is not applied prior to the changes on Twitter’s end, the functionality may cease working until it is addressed. This problem is more common than you might think, and sometimes results in performance / functionality breaking issues. One such example, taken from real life, is a business website’s contact form failing to deliver submissions to the configured email account for a period of time. The website’s owner remained unaware until the lack of emails became glaringly obvious as something potentially more than just a seasonal-shift drop in business.
Question: How often should WordPress updates be applied?
In a perfect world, WordPress updates would be applied immediately upon release. However, we do not live in a perfect world. Before applying WordPress updates, backups of both the WordPress files and the database must be taken to make certain the website can be restored should an issue arise. Furthermore, post-update testing must be performed to make certain the WordPress updates did not break the website’s functionality in any way.
As a minimum, WordPress website’s should have updates applied monthly. This is the base update schedule Bellingham WP keeps for each of our client’s Managed WordPress Websites on our $33 monthly WordPress Management and Hosting plan. We also manage bi-weekly and weekly WordPress updates for clients as deemed necessary or otherwise requested.
Question: Can I apply my WordPress updates myself?
Yes, you sure can. If all goes well with the update process and the website remains fully functional you’re in the clear. The real issue comes when the updates do not go smoothly. And without taking the necessary preparations prior to applying the WordPress updates, recovering from a faulty update may be quite difficult, time consuming, and potentially impossible.
If you proceed with performing your own updates, make certain you have a verified backup of the website’s files and database. Don’t hesitate to get in touch with any questions you might have. In addition to providing information via consultation, Bellingham WP can manage the update process of your website on a regular basis for a fee.
Question: Can Bellingham WP take care of my WordPress updates for me?
We sure can. We provide this service to our clients via our WordPress Management services or as a one-time WordPress maintenance request fulfilled as needed upon request. Not only do we do updates, but we also provide WordPress Hosting services as well. This means that Bellingham WP can become your complete WordPress Management solution.
If Bellingham WP can be of service by helping with your website’s WordPress Updates please get in touch. Rick will answer your questions and help you decide if Bellingham WP’s WordPress management and / or hosting solutions are right for you and your website. We also provide one-time fulfillment of WordPress updates upon request.