Archive | Website Development RSS feed for this section

All the reasons you MUST update your WordPress Plugins

11 Feb

I always have a *facepalm* moment when I log in to a client site to get to work, only to find 10+ plugins with updates. If this is you, don’t feel bad, it’s also about 80% of my new clients so you’re not alone.

It happens so often that I have a pre-written paragraph that I send to them explaining why keeping things up to date is so important and how to do it. I also mention my monthly and quarterly maintenance packages in case they’d like someone to do it for them.

Now, don’t get me wrong, I honestly can’t blame my clients or anyone else.

It took a long time before I ran across an article explaining how important updates were. On top of not fully understanding, they used to scare the heck out of me. What if the update broke my website?! I’d heard of it happening to others and I wasn’t sure what I’d do to fix it if my website did go down. Would I lose everything?

Yes, plugin updates can occasionally cause problems, but the 2 minutes it takes to login via FTP and remove the broken plugin is much better than the possible alternative.

why it’s so important to update your wordpress plugins

Think of it like this. Most of the time, plugin creators aren’t making updates for the fun of it. It’s not like they’re sitting around their apartment bored and think “Oh, I’m going to go push out a random update!”

Yes, sometimes they add new features or make a few simple tweaks, but a good portion of the time the updates are due to bugs or security vulnerabilities.

Now, think of yourself as a hacker. Hackers are always looking for security issues to take advantage of. It’s literally what they do. If you were that hacker and saw a big security patch was just pushed out for a plugin, wouldn’t you quickly learn how to exploit that vulnerability and use it to attack websites?

I’m not an awful person so I’ve never done it, but that’s what I’d do! 🙂

In case you’re doing a quick scan and didn’t put those two pieces together, a good portion of plugin updates are done to fix security issues. When security issues are fixed and you don’t update, hackers know exactly where to attack your website.

Other than hackers gaining access to your website due to weak passwords, plugin vulnerabilities are the easiest way for them to get in.

some plugin update examples

I went ahead and looked up some of the more popular WordPress plugins to show you the kinds of reasons they’re pushing out updates. Let’s take a look at a few.

akismet

In October, Akismet pushed out an update that “closed a potential XSS vulnerability”.

What is XSS, you ask? It’s basically a security issue that allows hackers to inject their own code into web pages. Sometimes this is harmless, but other times it’s all it takes to allow someone to take over and possibly destroy your website.

wordfence security

Yep, security plugins have issues too. As a software developer, I can confidently say that no developer is perfect (as much as they want to be) and small bugs are easy to miss.

Like Akismet, an update to Wordfence “Fixed stored XSS vulnerability”.

You already know what XSS means, so I’ll just reiterate, sometimes these issues are nothing, but do you want to take the chance?

disqus comment system

The last quick example I’ll give is the popular commenting system, Disqus. Lately, they’ve released two separate updates with one of the items being “Security fixes”.

That’s all the information in the change log, but if you want to be safe here’s a place where you can assume the worse.

how to update your plugins

I’m sure you get the point I was making above. The amount of damage that can be done through these security vulnerabilities definitely warrants a few seconds of your time to complete an update.

Think about it, you could truly lose everything.

However, it does take a bit more work than clicking the little “Update” links if you really want to keep your website safe.

If you see the little orange numbers in your WordPress Dashboard, you know it’s time for some updates.

Update Your WordPress Plugins

Here’s the quick process I use:

  1. Complete a full site backup using BackupBuddy. (If you’re looking for a free option, try Duplicator)
  2. Complete plugin updates
  3. Make sure everything still works as expected
  4. Tadaaaaaaa

Now, I’ve personally never had a problem on my own website. If you want to be even safer you could follow this slightly longer process:

  1. Complete a full site backup
  2. Complete one plugin update
  3. Ensure everything is still working
  4. Repeat steps 2 and 3 until all plugins are updated
  5. Tadaaaaaaa

That way, if a plugin did break your website you’d know exactly where the problem was.

See? That wasn’t so bad!

Now that you know that making plugin (and WordPress!) updates is worth a few minutes of your time, go do it! Remember, take a complete backup of your site just in case something does go wrong.

Why WordPress is the Bomb Diggity!

24 Jul

If you haven’t already got a chosen platform, one of the first decisions you’ll need to make when designing a website is which platform you use.

There are endless options, WordPress, Drupal, Joomla and so much more. Without a doubt WordPress is the most popular platform, with everyone from bloggers to global organizations utilizing the features that WordPress has to offer.

This post will show you exactly why WordPress is the best website platform for your business and why you need to ensure that you use it on your next project.

TRUSTED BY MILLIONS

WordPress began in 2003 as a humble blogging solution, but has quickly evolved into a full-blown content management system that powers nearly 20% of all websites on the planet.

WordPress is opensource, completely free and offers endless possibilities. Millions of people across the globe can’t be wrong. Therefore if you want a trustworthy website platform you need look no further than WordPress.

GOOD FOR SEO

SEO is a complex animal and the structure of your website plays a major role in where you rank within search engines for specific search terms.

WordPress is optimized for search engines out of the box. From day 1 your website will include all of the necessary components that Google and other search engines need to find and index your web pages.

As you know, increasing your visibility within Google is extremely powerful and it’s well worth doing as much as possible to have your website sitting in those top positions.

EASY TO USE

WordPress is a full-blown content management system with tonnes of neat out of the box features. You don’t need to be a web design guru with 10 years of experience under your belt; you can start building websites in WordPress right away.

If you get stuck, there are countless video tutorials to give you a helping hand.

ENDLESS AMOUNT OF THEMES AND PLUGINS

Many systems can be quite restrictive in terms of their functionality. However, WordPress is unlike any other website system in that it has an endless library of themes and plugins to meet almost any need.

Themes

When it comes to designing a website, you’ll usually have to spend countless hours tweaking html and css until you have a website that looks exactly like you require. That costs time and money, especially if you don’t already possess strong html and css skills.

WordPress has thousands of free and premium themes that offer different functionality, design, layout and so much more. As standard these themes are highly customizable, so you’ll be able to design a professional looking site that is in keeping with your brand in no time at all.

Plugins

Whether it’s an online shop, the ability to only show content to certain visitors or something far more comprehensive, you can almost guarantee that there will be a plugin to provide the functionality. Although if there isn’t one you’ll be able to find a WordPress expert who can alter an existing plugin to bring it more in line with your requirements.

YOU OWN IT

Unlike many low end website platforms, if you build your website on WordPress, you own it. You can take it anywhere you wish without any major restrictions. However, if you decide to use free online website builder software you’ll find that you cant take your website with you and fully customize it to reflect your brand.

Another disadvantage of these free builders is that if you subscribe to premium features like having your own domain and an online store, should the company decide to up their fees, you’re either going to have to pay or build a new website.

With WordPress, you’ll be able to build your website, customize it, switch hosting providers with ease and much more.

As you can see, WordPress offers many fantastic benefits compared to competing solutions and we most definitely recommend considering it for your next website build.