and what are security updates and why does my website need them?
Just like any software your website can become compromised if left to go out of date. Website platforms like WordPress and Drupal can be open to attack if you don’t keep the security up-to-date. Bad security can affect your SEO too, Google will penalise websites which don't have the proper security, so it's important to make sure your site can't be easily compromised.
Things your site can be vulnerable to
DDoS attacks - Distributed Denial-of-Service
In simple terms, a DDoS attack is where a website is targeted by lots of requests resembling multitudes of people hitting the refresh button or accessing a page over and over until it exceeds the server's capacity to cope.
Put more technically an un-handleable amount of traffic is sent to your website in the form of server requests from compromised systems, often targeting one IP address. This then crashes the server your website is on.
An infected website may gather personal information, slow down or stop, or even post inappropriate content to your website. We check our sites regularly for Malware and proactively add measures to keep malware from affecting our websites.
It won’t happen to me I have a simple website
It may get hacked, without proper care from an expert. Even simple websites can go down because of an attack.
It isn't personal they’re not usually individual people targeting your website. Often they’re programs sent out to maliciously attack sites for no apparent reason.
Which is why we have a range of protective features and procedures for all the websites we host.
What’s the worst that can happen?
Contact forms can become vulnerable to attack
If you leave the updates too long, hackers will find security weaknesses. There’s a very real danger that your hacked website can end up sending out spam to thousands of email addresses. Which is a nuisance right? It’s worse than that, if your mail server is compromised through your website, it can blacklist the mail server, meaning genuine emails may not get received. Many hosting companies will spot this before it gets to this stage as it’s their mail server that can get blacklisted affecting their other customers. The worst-case scenario is that your website and email could be stopped which could have a devastating impact on your business.
Spammers are also hackers testing for weaknesses, so an influx of spam can mean someone is testing the website’s defences.
The ever-moving technology waggon
Do you ever feel like you can’t keep up? Well with WordPress and Drupal there are lots of website owners invested in keeping their websites safe, which means there are lots of developers also invested in doing so. As a result updates come out all the time for plugins, themes for WordPress and Drupal. Developers are constantly working on closing loopholes and keeping up with that waggon so you don’t have to worry, as long as the security is kept up to date!
A lot of technologies that are integrated with your website, such as payment merchants like PayPal and Stripe, bring out better security such as two-factor authentication or software updates to improve speed and compatibility with new devices accessing the internet. If these are allowed to go out of date, then the payment system on your website may break if you have an online shop or any kind of transactional feature.
If you’re using a paid theme, the same is also true, when a new phone or other device used to browse the web comes out, the developers of these themes make sure they're compatible with new devices, especially if it becomes popular. So for people to continue to use your site easily, keep all that security up to date.
A compromised website may even cost you in Google rankings even if the hack isn’t visible. If it detects Malware, or a form sending out spam you may see your site taken off Google as a dangerous website. Or if you have masses of blog posts appearing on your site for viagra, Google will certainly mark you down for irrelevant content.
Future incompatibility with later updates.
If you leave those updates for years then it may be impossible to run them in the future. As technology develops over time, future updates can become completely incompatible with older versions, so a rebuild of your entire website may be the only expensive solution.
Get an expert!
It doesn’t have to be us, but occasionally a plugin or module can cause an error or even bring down a website if not tested when updated. So some technical knowhow and access to backups is very necessary
We run these manually on a regular basis, we’re also alert to the latest security vulnerabilities and act before your website is affected.
For help with your website's security see