I just had a client accuse me of sabotaging their WordPress website- that I built in a backdoor for hackers to attack her site.
Wait, what? you might be asking. I was astonished to be accused of something so vile! I designed and implemented a standard wordpress website for this client and once completed, turned it over to them after a walkthrough and rundown of the wordpress backend. I am sure I told this client to make sure to run the pending updates that are pushed out by WordPress and wordpress plugin developers. I tell this to all my clients. I show them how to do it, and how easy it is. The fact is, I didnt BUILD IN A BACKDOOR to her site, that is absurd. Hackers FIND THEM. In whatever way they can. And if you don’t keep your website up-to-date, they will FIND THEM.
I guess some of my clients don’t listen and take these steps seriously. Why is this such a big deal? you may ask. Because these updates help keep your website secure from the thousands of hackers out there to ruin your website to gain something out of it themselves.
I had a really good client of mine get her website hacked last year. I had invested hours creating this custom site for them, and BOY did this open my eyes to the vulnerabilities of WordPress! But it also educated me on steps that can be taken to keep it from happening. I suggested contacting Securi to my client, so they could clean up the hack for her (this is not my expertise although I try to help). She never blamed me for what happened: Fact is, it HAPPENS to even the best of us. Unfortunately, as WordPress has gained popularity, hacking has also increased.
So a word of caution to my wordpress clients; Keep your website up-to-date! Some hosting companies even have an automatic updating feature as part of the hosting, call your company and see. That will keep one less thing off your plate. Take it a step further and install a virus scanning and/or security plugin. There are some very good and reputable ones available at the wordpress repository for free. Websites are simply not “Set it and Forget it”- they have to be maintained. If you don’t have the time or know-how, please contact me and I will happy to help.
As mentioned above, here are some tools for WordPress Security