The last thing you need when you’re trying to run your business is to discover that your WordPress website was hacked. More than likely, you’ll discover it when a potential customer emails you saying, “Your site is down!” Frantically, you contact your hosting service’s tech support to find out what happened only to find out that security and back-ups were YOUR responsibility and it’s going to cost you $xxx+ to get it back up.
Why Only WordPress?
Well, if you’re on an eCommerce site like Shopify or Etsy, that’s part of the fees. Same if you’re on Wix or Squarespace or another site-builder. That’s actually one of the benefits of using a site-builder.
Consequently, if you have a site created on Drupal or another platform or even pure HTML, you’ll need to contact the developer and/or the hosting provider.
See, WordPress (and not WordPress.com — that’s the free WordPress site builder (free to a point), is self-hosted. That means it’s YOUR responsibility to install security and back up plugins or hire a service like my favorite guys, OnSiteWP (affiliate link), to maintain it for you.
The Importance of Keeping Your WordPress Website Updated
Just like you have security updates to your computer’s operating system, your browser, and software programs, WordPress (WP) has security updates, too. There are the main updates with bug fixes and improvements based on feedback from users and developers.
Subsequently, whenever there’s a WP update, plugins and themes need to be updated, also. If you don’t, here’s where the hackers can get in.
Unfortunately, hackers create bots to scour the web for vulnerabilities — like neglected updates. In other words, the bad guy looks for that back window left just a crack open so he/she can get in and wreak havoc.
How Bad Can it Get?
Very bad. You can lose your whole site. Recently, someone who wasn’t keeping up with her WordPress updates had her site hacked. It was totally messed up. It’s costing here $1000 to have it rebuilt. That’s a cost she wasn’t expecting. Nevertheless, she needs her website up. She contacted her hosting service and they said, it was her problem.
Someone told a past client that she didn’t need to worry about those updates. Eventually, the hackers came. Turns out the bad guys installed malware that was directing any payments from her store’s PayPal account to the hacker’s PayPal account.
Another problem — unrelated to hackers — is when a plugin or theme doesn’t get along. Your whole site can crash or something stops working as it should. It happens and it’s not your fault. However, you still need it fixed.
In my experience, it’s better to be safe than sorry! Think of the security and backup protection as insurance for your website. Skip at your own risk.