security
When we hand over a site to a client, it comes with instructions and the reassurance that we will always help if our client forgets any key or not so key issues regarding maintenance and adding posts, pages and media. One of those instructions is to always perform available updates on core WordPress software and also plugins which have new versions available.
Why is this so important?
Security.
The interweb is scattered with hackers, and system updates make your site more secure. The updates typically address security issues as well as added functionality. No software is immune to security problems, but updates reduce the vulnerability of your site, as do other measures we take when setting up your site for you.
Updating your WordPress core software isn't hard to do, but we know many of you forget to look at your Updates settings, so from time to time we check your sites for you and update core software and appropriate plugins on your behalf. If you're nervous about the words "we recommend you back up your website first" just ask us to do it all for you; it doesn't take long at all and we have yet to encounter any problems doing a core upgrade.
We do notice a difference between web hosts though - there are some hosts out there running outdated versions of PHP on their server which means we can't update the core software (we do contact them and pester them to give us access to PHP5.X.X). It does pay to get a web hosting company which uses up-to-date tools - in our case we can offer you hosting for $54 a year, hint hint! Shameless plug aside, if we can't - or you can't - update your core software and/or plugins because of your web host, it may be time to shift hosts. WordPress is one of the most popular web building platforms in the world right now, and any reputable web hosting company should be able to support it and its updates.
If you have any questions about upgrading your software or plugins, contact us and we'll talk you through it, show you how to do it, or do it for you.
One of my clients phoned me, rather distressed, on Saturday. Someone had hacked her Facebook page and also her Hotmail account...and her email account associated with her own website. Like many of us, remembering a dozen complicated passwords is a pain, so my client had used one password for all three and admittedly it was a relatively low security one.
I've now given her a new email account for her website with a mother of a password, but she's still unable to access her Facebook page and her Hotmail account, which she uses for business.
The ramifications of the Hotmail account being hacked are pretty serious. This person is a consultant with high-level professional clients. She has had to go into damage control mode and send her clients a note stating that her account has been hacked and to disregard any messages sent from her Hotmail account effective last Friday night.
What's making it hard for her to get back on track and get her Facebook and Hotmail accounts back is that the hacker has changed secret questions and answers, and now she is having a tough time proving she is who she is. Facebook can send you a new password via text message, but my client got a new mobile phone earlier this year and didn't update that in her Facebook account. And it's pointless Facebook sending her a new password to her email account, because the account linked with Facebook is, you guessed it, the Hotmail account.
We don't know whether this has been a random hacking attack or a deliberate attack from someone she knows, but my client has called the police and reported it.
Facebook is a hotbed for hackers. We've all heard about tribute pages which have been hacked into, to the distress of the friends and family of the person the page was a tribute to. This is the first time someone I know - let alone a client - has been hacked on Facebook. All of us think "It won't happen to me", but be vigilant, and change your FB password to something a lot more difficult for hackers to guess. Your security is your identity.