In honor of the spookiness and goblin lore associated with Halloween, I’m declaring this month – October – WordPress Security month here at Websites in WordPress.
This month, we’ll explore security measures you can take to protect your WordPress website/blog from malicious attacks big and small.
According to Matt Mullenweg over at the WordPress Development blog, although there are many solutions available for WordPress security, “The only thing that I can promise will keep your blog secure today and in the future is upgrading.”
WordPress is a community of hundreds of people that read the code every day, audit it, update it, and care enough about keeping your blog safe that we do things like release updates weeks apart from each other even though it makes us look bad, because updating is going to keep your blog safe from the bad guys. I’m not clairvoyant and I can’t predict what schemes spammers, hackers, crackers, and tricksters will come up with with in the future to harm your blog, but I do know for certain that as long as WordPress is around we’ll do everything in our power to make sure the software is safe. We’ve already made upgrading core and plugins a one-click procedure. If we find something broken, we’ll release a fix. Please upgrade, it’s the only way we can help each other.
I have two recommendations for you today:
- Read the full article excerpted above. It won’t take long, it’s not uber-technical, and you’ll understand better why getting and staying upgraded is your first and best line of defense.
- Upgrade today! (Instructions here.)
(WordPress.com users – you’re covered. You’re always upgraded.)
UPDATE: WebsitesInWP offers a security and maintenance service at affordable prices if you’d rather leave the technical care of your site to professionals.