This past week there was big news on the Internet, specifically a huge Distributed Denial of Service (DDOS) attack on key components of the Internet’s infrastructure (details). The attack took out sites like Amazon, Netflix, and Twitter (to name a few).
That’s right, Amazon, Netflix, and Twitter!
I’ve said it for a long time, Internet security is going to be a huge issue going forward – it already is.
Ignore PROACTIVELY protecting your website at your own risk.
Don’t assume your webmaster or hosting company is taking care of WordPress updates. Have a conversation with them to find out who is taking care of your keeping your WordPress website up-to-date and what (if any) disaster recovery program is in place.
How would your business be impacted if your website was unavailable for 24, 48, or 72 hours?
What about a week?
What if you couldn’t recover?
What if your email was blacklisted?
How would that impact your business?
While it’s not likely that your website is going to be the target of a DDOS attack, that shouldn’t make you feel any better about the REAL THREATS that do face your website. I believe mass numbers of “small” website attacks are on the horizon. They might not get the press of the big attacks, but they are also easier targets.
Most likely, your website would be a target of a malware injection attack. When this happens it gets ugly fast. Some of the more common issues related to malware infected websites include:
- A horribly slow loading website
- Thousands of bogus emails start being sent from your hosting server – as you!
- Your email address gets blacklisted which means the legitimate email you send doesn’t get to recipients
- People who visit your infected website are at risk of getting malware placed on their computers
- Google sees your infected website and labels it with an ugly warning
- Google removes it completely from their search engine results, you are now blacklisted at Google
Hackers using “bots” are testing your website security every hour of the day.
If you want proof, install the WordFence WordPress security plugin and take a look at your WordFence logs.
So what should you do?
Keeping your WordPress plugins up-to-date is a best practice and an appropriate defensive action against WordPress site infections.
You don’t want to be on the backside of an attack.
The best defense is a good offense.
It’s pretty easy to protect your WordPress website, here’s how you do it.
- Login to your WordPress website as an administrator
- Look down the left column of your Dashboard for update and plugin notifications (orange warning)
- Click into the Plugins option
- Select the plugins that are out-of-date; check the boxes or use the Select All option
- Select Update All at the bottom of the screen
- Watch the “updated successfully” messages as the plugins are updated real-time
- This can take a couple minutes – so have some patience
- The orange warning/indicator should now be gone – your plugins are all up-to-date