WordPress Maintenance and Security 101

On average, a major release for WordPress happens three times per year. These release cycles increase the version number by increments of .1. So we go from WordPress 2.7, 2.8, 2.9, 3.0 and so on. These are considered “major” releases.

In between these releases, security fixes are released as needed. So we go from version 2.8.1, 2.8.2, 2.8.3 and so on. Many times, releases like this simply reflect the need for bugs and flaws to get fixed quickly.

So while it might seem like a pain to have to update, it’s really just a security measure meant to keep your site 100% secure.

Minimize Your Risk:

Here are some things that you should be doing to minimize your risk…

  1. Backup, backup, backup! You can use the WP DB Backup plugin to backup your WordPress installation.
  2. Keep your themes and plugins updated! Anytime you see a notification to update to the latest version of WordPress, back-up your files, and UPDATE!
  3. Only download plugins from reputable sources (WordPress.org). Only use plugins and themes that are actively being developed (read: updated) and that have solid reviews.
  4. Keep an eye on WordPress security news sites (like this one) to see if there’s any issues with any plugins or themes that you might be using.
  5. Delete any plugins that you are not actively using (don’t just de-activate the plugin, delete it).
  6. Get a free website scan. You can scan your website for free to see if it’s infected with malware here (courtesy of Sucuri Security).

What about you? Have you updated to the latest version of WordPress lately? How about your plugins? What are some of your favorite (must-have) plugins and themes? What are some themes and plugins that you’ve had issues with in the past?