| | | | |

Keeping Your Wordpress Site Up To Date (and secure from hacks)

You’ve blindly updated your plugins and your theme before, without any problems, right? Updating your Wordpress site is as simple as just pressing that “Update to Wordpress 5.5” button without even a second thought, isn’t it? And, with WP 5.5 the automatic update functionality makes life even easier – or does it?!

What can possibly go wrong if you just throw caution to the wind and don’t keep your Wordpress site up to date in a careful and methodical way?

Following this path is, at some point, going to lead you down a road that is full of web site anguish and, what’s worse, potentially cost you a significant amount of lost revenue and other costs in the long run.

While Wordpress is a fantastic, dynamic, flexible and relatively simple CMS (Content Management System), with only web hosting as the cost of entry, it can also be a right royal pain in the butt for the uninitiated and unprepared web site owner.

“Why?”, I hear you ask.

Despite being a great tool for creating an amazing web site (in the right hands!), Wordpress and its thousands of plugins, along with a plethora of free and, so-called “Premium” themes, with a fantastic price (FREE, in most cases), it also presents unique problems for site owners.

And that problem is – MAINTENANCE.

  • Maintenance of your plugins.
  • Maintenance of your theme/s.
  • Maintenance of the Wordpress core.


Without a good maintenance regime in place, your site could easily become just one more Wordpress hacking statistic. Being the most popular CMS also means it’s the most hacked!

“Why would I want to use it then?”.

Simple – the cost of entry can be as low as your annual hosting fees and, it’s far less restrictive or costly when compared with other locked down solutions!!

Caring for your Wordpress web site is all about prevention, plugging all of those little vulnerabilities that are discovered along the way and, making sure all of your site components play together nicely.


Here’s just a few tips on how to maintain the integrity and continuity of your Wordpress web site.

  1. SECURITY – first and foremost, have a great security system in place – we recommend, and use for many sites, iThemes Security Pro. It’s a security plugin designed to keep the bad guys out, with highly recommended features like:
    • Strong password enforcement
    • 2FA: Two Factor Authentication, using mobile app, email and backup codes
    • Wordpress Brute Force Protection
    • Automated lockouts for suspect users
    • Malware Scanning
    • “Magic” Passwordless Logins
  2. BACKUPS – your site needs a good backup regime, just in case the unimaginable happens. While most hosting companies will provide you with some kind of backups, wouldn’t you rather be completely in control? We use and recommend UpdraftPlus for the CBandC site and for our crucial Client web site backups. UpdraftPlus allows you to backup not only to your hosting server, but to remote locations such as Dropbox or Google Drive (and more), with scheduling options that allow you to control how many backups your site automatically performs. With a good backup regime in place, you can get your web site back up and running in no time should the unthinkable happen.
  3. STAGING – Before you update anything on your Wordpress web site, you should not only have off-server backups (especially if your site has a mission-critical purpose such as an eCommerce store), but the ability to create a cloned copy of the site on what is known as a “Staging Server”. The cloned copy is where you can safely test all of the plugin, theme and Wordpress core updates without breaking your live site. Once you know all of your updates play nicely together, you can then update them on your live site, confident in the knowledge that your site will continue to server your visitors and customers, uninterrupted. Many hosting providers, especially those using cPanel, will have a method in place for you to automatically create a clone of your site. If not, you can simply do so by using a tool like UpdraftPlus and a sub-domain on your hosting server (just make sure you have enough space).
  4. HOSTING – In terms of hosting, look for a provider who has fantastic support, high reliability and a great reputation for uptime. In addition they should also provide access to simple tools for staging your web site, easy creation of sub-domains and, plenty of server space on inexpensive plans to clone your site to check that available updates don’t break functionality. If you’re located in Australia or New Zealand and looking for a reliable and cost-efficient web host, you can’t go past DreamIT Host – it’s who we use to host some of our Client web sites and, in fact, where we co-locate sites hosted on our own infrastructure.


That’s where our Care Plans ride in to save the day!!

With an Annual Care Plan in place, we take care of the crucial maintenance of your Wordpress Web Site, ensuring this critical part of your business or organisation is secure from hackers and, more importantly, available to your customers 24/7, 365 days a year.

So, good luck with maintaining your Wordpress site and let us know if we can help you out in any way!