Everyone who is at least a little into WordPress must have heard the news, older versions of WordPress were vulnerable to worm attacks. How to keep your WordPress Secure was the official answer of the WordPress developers to those attacks.
But it left me with another question, why won’t you update your installation of WordPress? Since WordPress displays the “new update is available“-message on all administration panel pages once there is a new update, you will see it!
So what is the reason for people to not update their installation? I dove into a couple of problems that can occur, but should not.
Laziness
Yes, there are people who do not update their WordPress installation because they are to lazy to update. Can you imagine? Being to lazy to update your WordPress installation is the lamest thing I’ve ever heard. But I do hear it a lot, people don’t want the hassle of updating the blogging software, they just want to write.
The people who don’t want to update their installation can use WordPress.com to start their own blog. You have some limitations in customizing your blog, but there is a lot you can do, with editing your CSS-file for example.
But when you use your own installation of WordPress, on your own hosted environment, you should update that installation, no matter what. I’m afraid you will find out soon enough why you should have updated any sooner.
Being scared of the unknown
Many people don’t see the point in updating – they should read the topics that people post about their hacked blogs – so they leave their blog running at a unsafe WordPress version. All of those blogs are potential targets of hackers.
But there is also a large group of WordPress users that are scared of performing a update. They don’t know how to do it – although it’s very easy with the new automatic update function – or are scared to do it.
Before the automatic update, updating your WordPress core could be quite a move, especially when you don’t have that much experience with databases and backing up your files and stuff. But then again, it is worth updating, you’re taking a huge risk by not updating your installation. You should find someone who can update your installation of WordPress, or use the automatic updater.
Modifications to the WordPress core
When you perform a WordPress update, your changes to the core will be lost as the update process overwrites all core files with new, vanilla files. But wait, why would you even consider editing core WordPress files? WordPress has hooks for almost everything, so you should use plugins instead of modifying core files.
I know, not everyone knows how to create their own plugins – although it really is not hard at all – but there are thousands of plugin already available in the WordPress plugin database so there is a good chance that someone already build the plugin you need.
Please update your WordPress installation
It’s better to update, then having to fix a hacked WordPress installation. Fixing it, is far more work than running a update routine every once in a while. When you are the administrator of your WordPress blog, you should take your responsibilities!
Related posts: