Monday, 10 February 2020 19:02

Do I really need to patch my Wordpress (Joomla, Drupal) site?

Written by 
Do I really need to patch my Wordpress (Joomla, Drupal) site?

Question:
Our site has been up and running with out any problems since for years! Do I really need to patch my Wordpress (Joomla, Drupal) site?

Answer:
I agree! For over 10 years, many people have been getting away without patching their websites, they've been lucky!

Todays' article includes a screenshot of a typical Wordpress site. This person hired someone else to build their Wordpress site, and it was never patched. Their site was built in 2017 and hacked in 2018 & 2019...

These files (circled in red) were added by some hacker, and have been just sitting the web server, alongside the other Wordpress 'core' files. This overall concept applies to Joomla and Drupal sites, too, not just Wordpress. This is because they all run on the same type of server & hosting environment: Linux, Apache, MySQL, PHP.

At some point, the hacker can come back and actually start exploiting the site - either by defacing it, adding hidden landing pages (used in phishing attacks), or redirecting your traffic to ad-sites. And they could have done this at any time since 2018!

Your site was already hacked?

Even if you install the latest Wordpress updates and patch all of the plugins, those hacked files are still going to be sitting there on the server, meaning a hacker could still stumble across them and hijack the site.

If your site has been hacked and you're looking for someone to take over the ongoing maintenance, we are now offering service plans:

Most small sites are covered by our 2 hours Per Month maintenance plan.  Larger, complex sites sites may require additional timeContact us today if you're not sure which plan applies to your site and would like a no obligation quote.

Read 112 times Last modified on Monday, 10 February 2020 19:10
Add comment