Following my article a few weeks ago Why bother to update WordPress?, I received several replies from people who don’t believe their sites could be targets. I tried to explain but, as luck would have it, I stumbled upon an excellent article from the Sucuri Blog, answering why all sites are vulnerable. Tony Perez (Co-Founder / CEO at Sucuri) has very kindly agreed to let me reproduce it here and he perfectly sums up why even your website could be hacked. Most attacks are not personal, which means everyone is at risk.
So, you have a WordPress website and you’re not really sure if you’re supposed to update it all the time? After all, updates are released often. They’re supposed to be simple to do but it can take ages if they break your site or don’t work with existing plugins, so why bother… Right? WRONG.
Backups: UpdraftPlus. There’s no point in building a website if you risk losing it all if it’s hacked or it breaks (both very possible), so excellent backups are a must! This plugin backs up your site (I backup to Dropbox) and allows you to move it and clone it for testing. It also backs up elements (plugins, themes etc.) before you update them, in case they aren’t compatible with the rest of the site and they break everything. Security…
Got a new website that you want your customers to read? Not just hover on the home page for 5 seconds, but actually read the words – all of them?
