Don’t Get Hacked… Three Things You Should Know About WordPress Maintenance

Hi friends!  It’s Jason with the blog post for this week.

If you are like me, you enjoy creating new things, but maybe aren’t a big fan of maintenance.  The problem is, you’ve got to do maintenance on things or they fall apart.  There are tons of analogies like maintaining your car or home.  I’m sure you know people that don’t take care of their stuff, and when it breaks, it is expensive to fix.  Even worse, it never breaks at a good time.  Life is stressful enough without having to worry about your car breaking down on the way to an important client meeting.

The same care and attention is needed to maintain a WordPress powered website.

WordPress, Themes and Plugins…

Did you know that WordPress is made up of three major parts?  The WordPress software itself, the Theme you choose that controls the look and feel of your site, and finally any Plugins that you install to give additional functionality to your site.  These three elements go hand in hand to make your website look great and work well.  It is important to keep all of these elements up to date.

1) The core WordPress software needs to be updated regularly

WordPress LogoThe core WordPress software has maintenance releases, security releases, and major releases that have new features.  These releases happen regularly throughout the year.  If you’re interested, you can see every release that has been done since WordPress began back in 2003 right here.  What this means is that you need to be applying these updates on a monthly or quarterly schedule to keep up to date.

I know it sounds tedious to stay on top of these maintenance updates, but WordPress powers more than 20% of all the websites out there and because of that it’s a popular target for hackers.  If they figure out a way to hack WordPress, they can hack a bunch of websites quickly, so they definitely focus on exploiting WordPress.  That is why keeping the WordPress software up to date is really important.

We’ve said it before, and still love Flywheel for WordPress hosting.  If you host your website with Flywheel, they do the core WordPress updates for you automatically, included in their monthly hosting fee!  Just about all of our existing clients are hosted at Flywheel because they do the core updates, guarantee against getting hacked and more.

2) Themes need to be updated regularly

Themes have come a long way.  Themes used to be fairly simple and cookie cutter looking.  Today, themes are more of a framework that give you a ton of features, look amazing, save you time and hide a lot of the complexity of coding a website layout.  Most themes are “responsive” out of the box… this means that your website will automagically change when viewed on a mobile device and be easy to navigate.

Themes are complex and have to be updated regularly to stay compatible with the core WordPress updates.  For example, the most recent release of WordPress was a major release, version 4.0.  In this version, the editor window for content has been updated to a newer version of TinyMCE.  This update broke a lot of themes and made it so you couldn’t change content in pages or posts.  Themes that are well supported by their designers will be updated to fix these kinds of problems, but the update has to be installed.

To see some of the themes we use regularly, visit the “Popular” section of WordPress themes at ThemeForest.net.

3) Plugins need to be updated regularly

Plugins are pieces of software that extend the functionality of WordPress.  Say you wanted your website to have a calendar of events.  WordPress doesn’t have something like that out of the box… but there are lots of plugins that can add that functionality to your website.  One of the plugins we like is the Google Calendar Events plugin.  This plugin lets you pull in upcoming events from a public Google Calendar.  We like this because it lets our clients update a Google calendar with all their events and then they automatically show up on their website.

Plugins have to be updated regularly so that they are in sync with the core WordPress code.  At times, major updates to the core WordPress code can break a plugin.  Also, most plugin developers add new features fairly often, and you want to be able to take advantage of those features.

The bottom line

The bottom line is that WordPress is an amazing content management system for powering websites.  WordPress is a combination of core software, themes and plugins that hide the complexity of website development from the end user.  But with all good things, you have to keep WordPress, themes and plugins up to date and in sync so that they work properly and are secure from hacking.