We Have to Talk About WordPress

Written By Chris Jones
CCI, WordPress Security Issues

When WordPress first hit the market, in 2003, it quickly grew to one of the largest and most popular content management systems (CMS) in the scene. However, it was originally coded as a simple blogging platform… and it shows. We’ll look at the biggest pitfalls associated with creating a website using WordPress. 

Plugins

Everyone who uses WordPress will, inevitably, use their plugins. While they add functionality, there’s a reason they are at the top of this list. WordPress is formatted in a way that anyone can write Plugins with no association to WordPress. This means there are thousands of these plugins to choose from. Which in essence, is a fantastic idea! Unfortunately, there are a great deal of plugins, written by a great deal of people, all with their own vulnerabilities and not always with good intent. 

Sometimes the plugins can break your site. There could be two different plugins that work great alone, but when installed together it can cause compatibility issues. Another example is, a plugin could be working just fine but after an update to the site’s core system, or another plugin, it could break. Unless the plugin’s developer is able (or remembers) to update it, the plugin will remain broken and vulnerable. Not only does the developer need to continue to create security patches, but then they need to be installed.  Which takes us to our next point... 

Website Vulnerability

Security is a consistent topic of conversation amongst WordPress users. WordPress’s popularity as well as the numerous ways to exploit the system, is what attracts hacker groups. Plainly, hackers can attack a lot more sites with a lot less work. They just need to hack WordPress or, most commonly, a WordPress plugin, or create and market a plugin of their own

According to a study from Patchstack, they added nearly 1500 new vulnerabilities found in WordPress plugins, themes and WordPress core, in 2021. What is worse, 29% of these vulnerabilities are never even patched.  Yikes

Updates

Unfortunately, WordPress sites require constant TLC after the set up and can eat up much of your time. Due to the security holes mentioned earlier, WordPress regularly needs to release updates to try and combat hacks. Updates are also released for compatibility fixes and new features of a plugin. Your site needs to have the core platform, as well as all the plug-ins, updated to ensure the safety of your site. If left unchecked, the security of your site can be compromised, your plugins may not work properly as the latest version is, and the chances of a broken or hacked site will increase drastically. 

Updates are high-maintenance and require a technical eye to keep your site secure. With updates released every one to two months, you’ll be spending a lot of time with your site… or paying someone to spend a lot of time with your site.  

Slow Site Speed

We’ve talked about plugins and how they could potentially break your site. But there’s another fear that accompanies plugins… a slow and bloated website.  

Plugins that are installed offer a variety of features, most that go unused. This results in the code taking up unnecessary space that slows down your site. The servers are working overtime to process each line of code that you don’t even need and there are consequences. According to WebsiteBuilderExpert, 1 in 4 visitors would abandon a website that takes more than 4 seconds to load.  This could be costing you 25% of potential business. Not to mention, a slow website will greatly affect your SEO (Search Engine Optimization). 

CCI has helped many businesses, big and small, convert from WordPress to more secure and modern platforms. Reach out today and we’ll find a custom solution for you and your site. 

Sources

“Website Load Time Statistics: Why Speed Matters in 2022.” WebsiteBuilderExpert, 28 Apr. 2022, https://www.websitebuilderexpert.com/building-websites/website-load-time-statistics/#:~:text=Google's%20research%20showed%20that%20the,a%20bounce%20increases%20to%20123%25

“State of WordPress Security in 2021” PatchStack, 3 Apr. 2022, https://patchstack.com/whitepaper/the-state-of-wordpress-security-in-2021.  

Chris Jones https://www.cciustn.com
Previous

The Importance of a Responsive Website Design
Next

Elevate Email Security with Nashville Managed IT Services