Discussions of WordPress Security Plugins usually begin with general purpose solutions like All In One WP Security & Firewall, Wordfence Security, Securi Security, and so forth. What is nearly always missing from these conversations, what is first in nearly every other security discussion, and what should be first in this one, is the matter of keeping the software updated. Neglecting to do this leaves websites vulnerable to published exploits, which can only lead to disaster.
Happily, WordPress has plugins that protect against this admirably. The first of these missing essentials is Advanced Automatic Updates. This plugin is simple and effective: You configure it to keep everything updated and forget it. Then it will periodically check with WordPress to make sure that you have all of the latest versions of your software. If you don’t it will download and install them for you and send you an email to let you know what it has done. While legions of hackers are scouring the web for those sites which haven’t patched the latest published exploit yet, you can attend to your business, deeply unconcerned for the safety of your site.
The second, and even more neglected of these necessities is Vendi Abandoned Plugin Check. This one doesn’t even need any configuration: You just install it, and when one of your plugins hasn’t been updated in the past year, it will attach a bright red warning message to its listing in the plugin administration page. While the plugin may appear to work properly, a year without maintenance may well be an indication that it does not.
Check out our blogs for useful information about keeping your website safe, improving its performance, and many other aspects of being an effective webmaster. Then contact us if we can help you with these or any other problems related to owning or operating a web presence.