At Douglass Digital, we spend a lot of time ensuring our websites are maintained to the highest security standards. However we do often face questions surrounding WordPress and its security as a platform. We thought it would be a great idea to write an article addressing these WordPress security worries, hopefully crushing any rumours that sometimes lead to website owners choosing alternative platforms.
It isn’t a secret that WordPress is one of the most popular content management systems available on the web today, it has so many benefits. This popularity unfortunately impacts its reputation surrounding security. The majority of WordPress security issues are entirely preventable. We have listed a few of the most common causes of weak security below:
1.) Running out of date versions of WordPress.
The most common reason why many WordPress websites are insecure is simply because they are running out of date software. The WordPress Security team are amazingly quick at identifying and fixing fixing issues within the core software. Generally if software releases are applied promptly it is highly unlikely a security breach will occur. At Douglass Digital we have an agreement with our hosting providers that all websites we host are maintained to the highest possible version of WordPress.
2.) Using a variety of plugins and themes
One of the reasons for such a popular interest in WordPress is the contribution made by 10,000’s of developers worldwide to create plugins and themes. This brings unrivalled flexibility to website owners especially for those on a tight budget. The downside to this of course does mean an increased risk of security vulnerabilities. It is therefore important to do thorough research when turning to plugins and themes. Our policy at Douglass Digital is to only use tried and tested plugins AND if we have to absolutely use plugins. We inherit quite a number of WordPress websites that are jammed full of unnecessary plugins which can also lead to security and performance issues later down the line.
3.) Cheap hosting platforms.
Never underestimate hosting costs. You can get cheap hosting anywhere. However, if you want to build a good reputation our recommendation is to think carefully about the hosting provider you are going to use. Do not simply choose the cheapest hosting option. Reputable WordPress hosting providers spend millions on intrusion detection technology, continually monitoring security vulnerabilities. Also consider using a service like Cloudflare. Read our other post about the perils of cheap hosting.
4.) Running out of date PHP.
PHP is the power behind your WordPress website. Maintaining the latest version of this codebase is very important. Each release of PHP aims to tackle critical security vulnerabilities. At the time of writing PHP 7.2 is no longer supported. Amazingly nearly a 3rd of the World’s WordPress websites are running on out of date versions of PHP!
(Source: WordPress Statistics)
As part of our on-going support, hosting and maintenance services we will take care of all of these WordPress security concerns for you. Feel free to contact the team to discuss your WordPress support requirements.