Newer versions of web software are coming out all the time. Often, these releases have newer features some people don’t need or don’t want, as whatever version they are already using has been working for them just fine. Mostly, though, these releases include bug fixes and/or security releases. So there are times where we are contacted by people wondering why their website, which has been running without any changes for a couple years, has gotten hacked all of a sudden.
Well, the longer a software version is out, the more security holes can be found in the software’s code. There are people out there who will publish these vulnerabilities so that the developers can then release a newer, more secure version of the software.
When WordPress 3.6 was released, the next version, 3.6.1, was released shortly thereafter, as some security vulnerabilities were found. From what I saw, this vulnerability allowed hackers to change the administrator username and password and gain access to the system. I found that the hackers would go in and change some theme files, advertising that the site had been hacked and by whom. Now, having backups of a site is all well and good to get it back to the way it was, but that does not close the security vulnerability. So upgrading to 3.6.1 was the answer to the solution.
Upgrading a site can be a little scary at times due to customizations that have been made to the different pieces of your website. It’s always a good idea to make sure to have backups of your site to be able to put it back to what it was. But if you think that upgrading is optional, you would be wrong. Would you rather worry about hackers returning, or try to keep up-to-date on upgrades?
A lot of hosting providers will help you get your site from a backup if one is available, but the hosting plan itself does not include upgrades to sites. That is due to these customizations. Currently, here at inConcert Web Solutions, our premium hosting plan includes these upgrades with an hour of support. The support can include ensuring that your site is still in working order at the end of the upgrade, as well as helping you make sure your email program is set up properly.