• Skip to main content

Beyond Blog Design

Do More Than Just Blog

  • HOME
  • BLOG
  • DESIGN
    • Free WordPress Consultation
    • TECH HELP
      • Plugin Check Up
      • WordPress Coaching
  • Social Media
  • About Us
  • Ask Us
  • Portfolio

Don’t Get Hacked, Update Your Plugins

March 16, 2015 By Jen Kehl

update your plugins

Last week we found out that WordPress SEO by Yoast had a security compromise. Messages were blasted out everywhere, Update Your Plugins! (Actually you should be okay, because the issue was so severe WordPress.org did a forced update for everyone.) But you still should update your plugins!

This brings up a very serious topic I have been talking to my clients about. Plugins are the easiest backdoor for a hacker to walk through. Although we would like to think that this was an isolated incident, the only reason it was blasted from high and low is because WordPress SEO is the #1 downloaded WordPress plugin.

Trust me, bloggers big and small get hacked everyday because of old code in a plugin.

I have worked with a lot of bloggers over the past few months who want some help with their blogs functionality, the first thing I always check is plugins. I have been amazed by the sheer amount of un-updated plugins, from both the bloggers end and the builders end.

Most?bloggers don’t realize that not updating plugins is a security risk. Their view is that?their site is too small to be hacked. But that’s not true, a hacker doesn’t care how big you are. What they want is your platform, it doesn’t matter how big it is.

[bctt tweet=”Update your plugins to keep your blog safe! #WordPress #Plugins”]

Here’s another thing you may not know.

A plugin is also vulnerable if the plugin author is not updating it.

I recently did a plugin check for a client and discovered two plugins that hadn’t been updated in over a year. That is a huge open door. Plugins are integrated into the code that WordPress is built on, if the author does?not update his?plugins, but your WordPress code is constantly being updated, then the code gets further and further from matching up.

Think of it as a zipper. The plugin is one side, and WordPress is the other. As long as both are up to date, the zipper is all zipped up. But if one of them is not updated the zipper starts opening and any Tom, Dick or Harry can climb in your hoodie.

Just remember, plugin authors are human and humans make mistakes, as was the case with WordPress SEO by Yoast. Humans can also decide they don’t want to do the same job anymore and abandon a plugin. It is your responsibility to stay on top of your plugins and WordPress updates.

If you need help, you can always ask. But for now, go login to your WordPress dashboard and update your plugins!

 

[contact_button]

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)

Related

Filed Under: Plugins, WordPress Tagged With: Plugins, Security, SEO, Tips

 

Loading Comments...