You’ve just created a beautiful new Content Managed Website using WordPress. Rather than dealing with the hassle of using specialized software, you now have the control to add content to your website from your browser. Are you ready to keep your new site healthy?
The WordPress community is an amazing group of developers and creators who are constantly growing and learning how to push the boundaries of the do-it-yourself website creator. For any answer you need, a community of people is there to help.
One of the biggest challenges we discovered at White Hart Insight was that although WordPress offers our clients many benefits, it is not a format that once created can be left to run on its own. In fact, the reality is, no Content Management System (CMS) can be set up once and left alone without some love and care. Even non CMS can’t survive as something you create and forget about it.
A great many factors affect a CMS website: browser updates, social media updates, plugin updates, and then with the launch of WordPress 5.0, core and theme updates as well. These various updates all make the CMS website vulnerable to the ever-changing landscape of the internet.
So what should you do as the website creator to stay on top of the changes that seem to come almost daily?
Solution One: Do Nothing
One solution is to ignore all the plugin, theme, and core updates. After all, your site is working fine. Why risk updating something and causing a problem? We’ve all been down this path with our WordPress sites: you run a plugin update that causes you to lose your styling, or the update conflicts with another plugin, or the it has a new bug in the code. You then spend the next hour trying to pull your backup (if you have one), or you call your hosting and ask them to rollback your site. And if, on the other hand, you never set up a backup, you try to rollback the update you just did. A quick update has just cost you at least an hour of your time and quite a bit of frustration. So you wonder, if your site is working, why update at all?
Problems with the Do Nothing Approach
The biggest challenge with the “do nothing approach” is that the internet is not unchanging. Every major browser has updates adding new features and new security patches. All these updates can and do change the scripting environment in which your website resides. Each change provokes a cascade of changes, and your site will not remain unaffected.
Another challenge we face is the every growing, ever innovating hacking community. Hackers work tirelessly to find the back doors into your website, and no CMS is immune. Therefore, to counter the attacks, the browsers, social media, and CMS are working just as tirelessly to help make your site secure. These efforts lead to changes in how they work with your site.
Solution Two: Update Yourself
Another approach is to stay on top of each update. This is a very valid solution that fits perfectly into the WordPress community belief system.
Updating your plugins, themes, and core on a regular basis is a sound practice for keeping your site healthy. However, no script is completely unhackable. Yesterday, the security plugin Wordfence announced a security patch for a plugin in which the JavaScript of the plugin became vulnerable to an XSS attack on your site if you used the Abandoned Cart Woocommerce plugin. Even if you do not use this plugin, it remains a good reminder that no script is wholly impervious to attack. That is why using a quality firewall, difficult passwords and updating all plugins is the best way to keep your site secure.
Be prepared to encounter plugin conflicts: the “white screen of death” where a plugin conflicts with another plugin or with your theme. Always make sure you have a backup before you run your updates. And always run your updates plugins first, then Theme updates then the WordPress core updates. It helps to stay in the loop with your various plugins. You may want to wait to update until you have confirmation that all involved parties are up to speed with one another. This was the case with the WordPress core 5.0 update. It was such a big update that many plugins needed at least a week or more to get their plugins comparable. So, in order prevent a similar scenario happening to you, it is sometimes wise to keep in contact with all your plugin vendors and the WordPress community.
There are other times, however, like this week, where due to high security concerns, it is important to make your updates right away. The WordPress community is currently discussing some very important security updates. It’s important to stay connected and informed.
At White Hart Insight, We Offer a Third Solution
We offer a maintenance program that includes all WordPress core updates, theme updates, and plugin updates. Our service includes backups as well. We know your time is valuable. We are part of the WordPress community and watch for the trends you need to know about. We help prepare your site for the big updates like the recent WordPress 5.0 update. We are ready to solve any update conflict that occurs. We know how to solve the “white screen of death,” and any other issue that arises.
WordPress is a great solution to your website needs, as long as you give it a little TLC.