What is website maintenance? What should be updated in WordPress? Why? Prevention is better than cure. Don’t be left unprotected!
The benefits of working online
I mainly work with online tools, and I find that frankly brilliant. No longer needing to install a program on my computer gives me several advantages:
I don’t have to pay for an expensive license (but I may have to use subscription services instead)
I have access to my tools in the event of a breakdown of my equipment, without any complications
I have access to my tools wherever I am (with family, in Poitou, in the Middle Regions, etc.)
Only imperative, I need Internet access! And if Wi-Fi is not yet present everywhere, it is nevertheless progressing by leaps and bounds.
A content management tool like WordPress is one of those tools that work online. WordPress is a tool:
- open-source, free for basic installation
- accessible online from a web browser
- which has an easy-to-use admin interface
- which allows you to write and publish your content via a text editor
- which allows you to manage a website with several people
- …
But each solution has its drawbacks. Even a solution like WordPress, which runs one in five sites on the planet. In our case, it will be necessary to pay attention to security.
Also, read the importance of choosing the right web hosting.
Website maintenance
If you have a computer, you know that a widely used tool is a tool that has security needs. There are indeed more security vulnerabilities discovered and corrected:
- on Windows than on iOS (computer operating systems)
- under Internet Explorer than under Opera (internet browsers)
- under WordPress than under Dot clear (content management tools)
As a result of all this, a computer may use security software (antivirus, anti-spyware, firewall, etc.) and will be updated regularly (Windows updates), sometimes transparently for you, when your computer is turned off. machine. Your browser will also be updated (change of versions).
A website linked to a database runs similar risks.
- the hosting of the website can be hacked (which can lead to the deletion of your site, the sending of massive spam, etc.)
- your WordPress installation may be infected (which may lead to the distribution of malicious programs to your Internet users, the banishment of your site by Google, etc.)
- your administration interface can be hacked (which can lead to the deletion of your user account, the addition or deletion of content, etc.)
You guessed it, WordPress is therefore updated regularly! Recently, a component of WordPress even allows the automatic installation of WordPress updates, but this tool does not work very well yet and you can end up with several versions behind, exposed in particular to the dangers above.
The update must therefore be manual, for greater reliability.
What should be updated for Website Maintenance?
There are several components on a WordPress website:
The basic files, allowing the installation of WordPress
These files are comparable to your operating system. They are updated approximately every four to six weeks by Automatic, the company that created WordPress. About two out of three times, the update concerns security vulnerabilities. The third time concerns an improvement of the tool (design, functionalities, etc.) intended to improve its performance.
There is a button in the administration interface, that allows you to update WordPress in one click. But this button often crashes your site, especially because of your extensions. As for the automatic update, this button is not reliable and the best solution is to carry out the update oneself, by FTP client.
The themes
The theme is the graphic design of your website. Although we are talking about graphics, a theme is made up of programming files (PHP, JavaScript, jQuery, etc.) and formatting (HTML/CSS). Sometimes a security flaw can’t be fixed directly in WordPress, because it uses a function used by your theme or a script outside your site.
It is rare to have to update a theme, but sometimes the danger is critical and you have to either modify it yourself or apply the update put in place by the theme developer (in case your theme has been purchased and still benefits from updates and user support).
Care must be taken to update the theme without losing the customization made to the site’s graphics.
Extensions
If your WordPress installation allows you to publish content, many features of your site are included in so-called extensions. These are plugins that are added to your site to perform a specific function (generate contact forms, offer an online store, add sharing buttons, etc.). Some of its extensions are even dedicated to security (antivirus, firewall, tool hiding certain information from WordPress, etc.) and are not visible on the website.
The extensions are designed and maintained by an independent, amateur, or professional developers (companies offer free and paid extensions). These can be updated at any time and can relate to security issues as well as improvements to the extension.
Probably the most sensitive part, your extensions must be compatible with your version of WordPress. Sometimes certain plugins are left behind or not updated quickly, and lose compatibility with your WordPress installation. The extension then causes malfunctions on your site, which may even no longer display it at all!
The number of extensions for a website depends on its complexity. But generally speaking, not a week goes by on a WordPress site without there being one or more extensions to update. Sometimes minor and sometimes critical, they require the intervention of a qualified person to:
- install the new version of an extension without removing the customization’s made on the site
- check compatibility with the website, on the deposit site, and in real life on the site
- downgrade the extension version if there is a problem
- configure the extension again, in the event of a major update (for an e-commerce module for example)
Some extensions can be updated quickly and without real danger. But others are much more complex and can be tricky to maintain.
Keep a technology watch
Most updates are notified to you directly within your administration interface. This is the case for WordPress updates and plugin updates. Regarding your theme, the developer of the theme may send you a notification or an e-mail to warn you. But this will only be the case if he has detected a problem…
The best way to keep a website safe is to keep a technological watch on this subject, ie to regularly inform yourself of what is being said around the sphere of WordPress. Many actors around the WordPress sphere are entirely dedicated to security. Most are published in English only.
This technological watch is essential to be warned of major flaws, massive infections, and other dangers, which WordPress will not solve for you by magic! The use of security modules (Word fence, for example) will allow you relative security. But perfect security does not exist. Your website is stored on a computer, runs on programs, and both computers and programs are vulnerable. This is why the website maintenance of websites is very important.
Prevention is better than cure. It will be much easier to secure your site than to remove an infection. If there is a problem, it will take several days to restore your site and if you outsource it, you will be billed as such. If you lack the skills or time to update your WordPress website yourself, I recommend that you go through a professional. Do not neglect the security of your website or in simple words website maintenance!