As a WordPress professional I know how important it is to keep your website up to date. I know and perform the process of running scheduled backups, WordPress updates, and making sure everything is secure and running correctly at all times.
It is important to keep WordPress, plugins, and your theme up to date. Failure to do this will increase the chance of your website being hacked and make it difficult for you to update your website in the future or take advantage of new WordPress features.
When it comes to WordPress maintenance you have a few choices:
- Nobody updates your website
- You (the client) updates your website
- A professional updates your website for you
We both know not updating your website is a bad decision.
Let’s look at some of the things that could happen:
- You visit your website and see a malware and phishing message from google. Since no one can reach your website, you lose customers and money.
- Your website is hacked and spam links are injected into your website. The last thing you want as a professional is to be offering Cialis and Viagra to your website visitors. You may not even know you’re a victim if you don’t visit your website regularly, or the spam links are hidden (if they are hidden Google will still see them and penalize your website).
- Someone using brute force attacks is able to login to your website and delete or change all your content.
None of us want to see this happen, so it leaves you with two choices.
Choice #1 – You update your website
This isn’t always a bad choice if you stick to a routine and make sure it always gets done. The problem is though that most website owners are busy running their business, so finding the time to update and maintain their website becomes overwhelming or completely impossible.
Choice #2 – A professional updates your website for you
As a professional WordPress Developer this is what I do. I know and have access to all the best tools, and because I do this all day long it takes me less time. I believe this is the best solution, and if you’re trading your time for money you’ll probably save more money hiring a professional.
But if you are still wanting to do it yourself, here is what you’ll need to do, and the tools you’ll need to get it done:
Anti-Malware Security and Brute-Force Firewall – This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them. I use this all the time to scan and remove malware from an entire website.
I have tried several WordPress security plugins and would suggest WordFence. This is a free WordPress plugin (a premium upgrade is available) and goes above and beyond everything you’ll need to keep your website safe and secure from attackers.
Some of the features included are:
- Real-time blocking of known attackers. If another site using Wordfence is attacked and blocks the attacker, your site is automatically protected.
- Scans core files, themes and plugins against WordPress.org repository versions to check their integrity. Verify security of your source.
- Includes a firewall to block common security threats like fake Googlebots, malicious scans from hackers and botnets.
- Block entire malicious networks. Includes advanced IP and Domain WHOIS to report malicious IP’s or networks and block entire networks using the firewall. Report security threats to network owner.
- See how files have changed. Optionally repair changed files that are security threats.
- Scans for signatures of over 44,000 known malware variants that are known security threats.
The list is much larger than this but you get the picture.
Every website should be doing complete daily backups. Watching all your hard work disappear is no fun.
The two products I recommend for website backups are Backup WordPress (free plugin) and BackupBuddy.
BackupWordPress makes it super easy to schedule daily and weekly backups. If you decide to use this plugin I’d suggest paying the extra $24 so you can backup off site to DropBox or Amazon. That way you know that your backups are 100% secure.
VaultPress is a premium paid plugin, but it’s only $5/month if you are just using their backup service.
I recommend VaultPress because it stores all backups in a separate location, and you can restore your website in just a few clicks.
WordPress, plugins and theme updates
This is probably the easiest as long as nothing breaks when you hit update. But you don’t need to worry if you’re running your scheduled backups.
Another tip is to make sure you’re only using Premium themes and plugins, or free themes and plugins from the WordPress repository (all themes and plugins inside the repository are reviewed before they are available.) so that you know you’re not installing a bad plugin or theme that might break your website.
And if you’re wondering how am I going to know when I need to make these updates, not to worry, there is also a plugin for that.
WP Updates Notifier – this plugin sends emails to notify you if there are any updates for WordPress, plugins or themes (some themes such as Woothemes require their own plugin for update notifications).
Is that really all there is to it?
Yes, that’s pretty much all you need to do to keep your WordPress website up to date.
Do you do your own updates or hire someone to do them for you? Leave a comment below.