Tag Archives: blog

Why Do Most Web Hosting Providers And Resellers Recommend WordPress?

Leave a reply
Why Do Most Web Hosting Providers And Resellers Recommend WordPress?

Why Do Most Web Hosting Providers And Resellers Recommend WordPress?

If you ask most web hosting providers about what their recommendation would be for a blogging platform or Content Management System for a website you will most probably hear WordPress as the first option. Day by day, the patronage for WordPress is on the rise, and with good reason too. This article explains why most web hosting providers would encourage the use of WordPress and why it may be their number one choice for clients.

Updates and Community Support

WordPress is regularly updated by the community and is kept bug free and as secure as possible at all times. If there is a vulnerability or exploit detected, many people work hard to plug the vulnerability and fix the flaws in the system. Since it is open source, this is all a team effort of the community. No dependence on a dedicated team or on a profit-focused software company. This gives much assurance to web hosting providers that the software is safe to run on their servers without a hitch.

Auto Installer Support

Almost all auto-installer software support the WordPress system and enable quick setup and maintenance of WordPress. With auto-installer software like Softaculous, you can auto-update WordPress when a new version is released, you can update all themes and plugins when new versions are released and you can also configure automatic backups to take place through cron jobs. This eases the burden on the web hosting provider in monitoring outdated installations and asking users to keep updating their obsolete software. This also comes in use when the web host needs to step in to provide support or fire-fight a website compromise.

Useful Documentation and Helpful Tutorials.

WordPress is well documented and the documentation is easily accessible on their website. This is a major relief to most web hosts, especially when troubleshooting client issues. A web host would always like to know if there is some issue with his server or there is a misconfiguration with the user’s install of WordPress. Although providing support for WordPress may not be covered in the scope of work of the hosting provider, it would definitely give them brownie points for pointing a distressed client in the right direction.

WordPress also has a lot of tutorials for newbie users and private bloggers. Many websites offer Video and Audio Tutorials for free, while some charge for premium guidance. YouTube also offers numerous free videos on WordPress issues and how to solve them.

Turn Around Time

A primary reason why web hosts and web developers love WordPress is due to the miniscule turnaround time for setting up a website and actually getting content online. The coming of auto-installers has further improved the speed of setup and updates. When a client trusts a web host for all their IT advice and expertise, they are sure to ask about WordPress. Setting up WordPress for an elderly client or a loyal patron is super fast and easy.

We have seen many clients struggling for months on end just to pick a suitable web designer. When they do pick one, it is an endless process to get the final site up and running. Either the Web Designer dilly-dallies or the client has very little time to give inputs. This process goes on for a couple of months, till the client realizes that the web hosting space they have taken is being wasted. When the client sits up and wants a website done yesterday, it’s the development team’s turn to act fussy. You can’t setup a full website quicker than with WordPress.

Is My WordPress Site Vulnerable To Hacking?

Leave a reply
Is My WordPress Site Vulnerable To Hacking?

Is My WordPress Site Vulnerable To Hacking?

WordPress websites have always been a sweet target for hackers and script kiddies looking to have some fun at the cost of damaging and defacing websites. In July 2014 the popular plugin “MailPoet Newsletters” was exploited to cause damage to over 50,000 websites across the internet. For a hacker, it is also worth investing time and money in identifying vulnerabilities, since millions of site’s across the world use WordPress, and being able to compromise one of them may lead you to be able to replicate it for other site’s with the same vulnerability as well.

The website WPvulndb.com lists all the known exploits and vulnerabilites and categorizes them under WordPress Core, Themes and Plugins. This article explains how you can test if your WordPress site is vulnerable and what precautions to take before you fall prey to an attack.

Plugins

In August 2014, the Custom Contact Forms Plugin allowed alterations and modification to the database using a flaw in the system. This affected thousands of websites which had downloaded and used that plugin. The security company Sucuri, tried to contact the developers but to no avail. They finally posted this message on their blog:

“Due to the unresponsive nature of the development team, we’d encourage you to pursue other sources for your WordPress form needs. There are various options with developers that are very responsive and are actively concerned with your security needs.”

Many free plugins for WordPress, maybe outdated, vulnerable, badly coded and may no longer be supported by an active development team. This means that using such a plugin may be detrimental to your website’s security and may lead you to being a hacking victim due to the flaws in that plugin. Always install plugins which have good reviews, good ratings, are compatible with your current version of WordPress and which are regular updated by an active developer team. You can see the plugin details and inspect them before integrating it with your website.

Themes

The same applies to WordPress Themes as well. Always read the theme reviews and see their rating before you choose a theme. Also, just because you pay for a theme does not mean that it is more secure or has no vulnerabilities, the only advantage will be that you will be able to contact the developers to patch your theme or update it. Bad coding in the themes may lead your site to become slow or open it up for hackers to exploit.

Update

Always keep your WordPress major version and all other themes and plugins up to date. You can do this manually or if your web host provides you with an auto installer, you can allow the auto installer to update WordPress, the themes and the plugins through a scheduled cron command. Keeping your site in sync with the latest version will prevent hackers from exploiting old vulnerabilities, for which a fix is already available. Although this is a very simple and easy counter-measure, keeping updated software can go a long way in ensuring security.

Backup

Always backup your site regularly and maintain a remote backup location in case of a disaster or damage to your site. Keeping a remote backup location is ideal, so that you “do not keep all your eggs in one basket”. Make sure that your backup is easy to restore in the event of an emergency. While you can backup parts of your website separately Eg: Database, Files, Image etc. you can also have a compressed zip backup of your entire website in a single file. Auto Installer software allow you to schedule nightly backups and set the backups to happen automatically.

Testing

Don’t forget to test your website for any known exploits or vulnerabilities before the hackers do. Free online tools like Sucuri Website Scanner will scan your website and suggest some security measures. They will also alert you of any major flaws in the system and will also indicate any outdated WordPress versions. Better scan your website before the hackers do.