Is WordPress Safe to Use Anymore
A couple days back the WordPress Development team disclosed a pretty important security update, as did a very popular plugin developer, Custom Contact Forms (Custom Contact Forms Security Issue). The vulnerabilities of each of the security issues are nothing new to the WordPress platform. Does this mean WordPress is not safe to use? Absolutely not! As long as you perform the update, WordPress is still completely safe to use as your CMS/blogging platform.
The reality is, there are always going to be security issues, because there are always going to be people that wants to prove themselves in the IT world, and at the same time, scare the living you know what out of you when you discover your site could be hacked.
Here is the quote for the new security vulnerability on the WordPress platform.
“This release fixes a possible denial of service issue in PHP’s XML processing, reported by Nir Goldshlager of the Salesforce.com Product Security Team. ”
You can read about the entire issue here.
Now one thing we find very interesting is that the security issues found in this update affect more than just WordPress. They also affect another very popular CMS, Drupal. This is indeed strange and a joint venture between the two giants was conducted to achieve a fast, effective fix to the issue.
A Band-Aid is Not a Fix
It’s true, most times, a fix is just a band-aid. A short term remedy to an ongoing issue. Security. Over all, the security of our websites are the most important factor of owning a website… and for good reason. If you have a site that generates good, relevant traffic, has high PR and/or great SERP, then you’ll want to ensure that your site is safe. If a hacker finds that your site has all these juicy ingredients outlined above, they will most likely try to steal your traffic by hacking your website files, or database and redirecting your traffic to benefit them or their clients, or even worse, compromising your reputation and effecting your business as a whole.
We recommend to not only update your WordPress installation to the latest 3.9.2 version, but to also take some steps to secure your site on your own. There are a ton of resources out there that will guide you on how to properly secure your WordPress files, database and in some cases, you hosting server over all.
We also recommend signing up for any type of service that offers WordPress Security Firewalls. There are some pretty cool plugins available for free, but free doesn’t always work out the best. If it’s all you can do, then we absolutely encourage you to take the time and install one. We’ve tested quite a few of them, and the best free one we’ve found is the All in One WP Security and Firewall.
Get your website updated today. Before you update your WordPress installation, please take a few minutes to watch this video on how to safely update WordPress.
If you’re still uncomfortable updating WordPress, even after watching our video, contact us, or any other professional to have it done as soon as possible.
Remember, these hacks and security vulnerabilities have been published online, which means, the evil internet knows about it. They will do whatever they can to exploit these issues.