
WordPress - Is It Time To Update
WordPress: It Is Extremely Important To Keep Your Site Updated
We estimate that more than 95% of the websites on our servers have WordPress as their CMS (Content Management System). Why not? It is extremely flexible, with thousands of themes and plugins. A theme is what makes the website look the way it does, and a plugin adds features and functionality to your website. Let’s say you want to sell your homemade candy. Then you would need to use an e-commerce plugin like WooCommerce. WooCommerce already has all the shopping cart functionality built in, and if there is a particular feature you want that isn’t built in, you can just find a plugin that provides it and add it to your new website.
The problem we see too often is that many businesses spend little to no money on their website, and once it is online, they forget about it. It seems difficult for some business owners to understand that a website is a 24/7/365 color and interactive phone book listing. It is also a 24/7/365 television commercial. And it even acts like a 24/7/365 radio spot. It is all those things and so much more.
We have seen clients who are willing to spend several thousand dollars on a 4″x6″ phone book listing (who reads the phone book?). Yet they will try to spend a couple of hundred dollars on their website, or better yet, they have a friend of the family who dabbles in web design”, as she loves to write stories. To make matters worse, once their website is online, they completely forget it exists; they don’t update any software or plugins, and they never update any content on the website. Well, Neglect is more accurate — they ignore their website until it is too late.
We had once been hired by local companies who had been hacked, and when we got into their website and started cleaning things up, we found that their WordPress core was more than two years behind on updates, and almost every plugin was more than three years behind on updates. And this isn’t even that rare or shocking. I can think of a good half dozen or more websites like this.
It is important not only to change the content periodically but also to use your website as a tool rather than an expense. But it is also important to keep your plugins and themes up to date. We recommend that you make changes at least once a month, twice is better.
Have Questions?
Is your WordPress site overdue for updates? Simply Web Services offers maintenance packages that keep your site secure, up to date, and running at its best — contact us today to get started.
A Flaw In The Code
Last year, a flaw in the Houzez (Real Estate) theme put 35,000 websites in jeopardy of being hacked. In January, a flaw in the LearnPress plugin put 75,000 websites in jeopardy of being hacked. Earlier in January 2023, a flaw in three different plugins put tens of thousands of active installations vulnerable to high-severity or critical SQL injection vulnerabilities, with proof-of-concept exploits now publicly available.
This is just a sample of the more recent vulnerabilities in WordPress. Believe it or not, WordPress is one of the more secure CMSs available, and many of the flaws and vulnerabilities are found by white-hat hackers (the good guys) because the source code is open for anyone to review. Regardless of which CMS you use, you should ensure it stays up to date. We offer maintenance packages for that very reason. And if your site is hacked, you may have to pay to have it restored. If other sites or the server are damaged because your site served as the gateway to the rest of the server, you may have to pay for repairs there as well. It is far more cost-effective to get a maintenance package.
FAQs
At a minimum, you should be checking for and applying WordPress core, theme, and plugin updates at least once a month. Twice a month is better — especially if you are running popular plugins that are frequently targeted by hackers. Simply Web Services recommends pairing regular updates with fresh content additions, as search engines reward websites that are consistently maintained and refreshed.
Outdated plugins and themes are the most common entry point for hackers attacking WordPress websites. When a vulnerability is discovered in a plugin or theme, developers release a patch — but if you don't apply the update, your site remains exposed. In the real-world examples on this page, a single unpatched theme put 35,000 websites at risk, and a single plugin flaw affected 75,000 sites. The longer you wait to update, the more vulnerable your site becomes.
The cost of cleaning up a hacked website is almost always significantly more than the cost of preventing the hack in the first place. Depending on the severity, cleanup can involve restoring backups, removing malicious code, repairing database tables, and patching the original vulnerability — all of which take time and expertise. In the worst cases, if your hacked site was used as a gateway to compromise other websites on the same server, you may be responsible for those repair costs as well.
A Simply Web Services WordPress maintenance package is a managed service that handles the ongoing upkeep of your website so you don't have to think about it. This typically includes regular updates to WordPress core, themes, and plugins; security monitoring; and ensuring your site continues to function correctly after updates are applied. Contact us for current package options and pricing tailored to your website's needs.
In rare cases, a plugin or theme update can cause a compatibility issue — particularly if you are running an older version of WordPress core or using multiple plugins that interact with each other. This is one of the reasons professional maintenance matters: Simply Web Services applies updates carefully and monitors your site afterward to catch and correct any issues before they affect your visitors. Attempting updates without a backup or technical knowledge significantly increases the risk of a site-breaking conflict.
Don't wait until your website gets hacked — get a WordPress maintenance package today
Outdated plugins, themes, and WordPress core files are the #1 way hackers get into small business websites. Simply Web Services offers affordable maintenance packages that keep your site updated, secure, and performing at its best — so you never have to worry about it.