WordPress Security

The good news… your site is on WordPress, the easiest and most powerful blogging and website content management system in existence today!


The bad news… it’s also easy to hack.


Easy target

Wordpress Updates Badge

When your site has updates available for WordPress, a badge with the number of available updates is displayed.

As of September 2014, WordPress accounted for approximately 61% of all sites that are built with a content management system (CMS), making it the most popular CMS in the world. By no small coincidence, it’s also the most popular target of hackers.

In 2013, over 117,000 WordPress sites were hacked . Googling the phrase “how to hack wordpress” returns nearly 30 million results including instructional videos, and step by step posts with titles like “8 simple ways…”, and “How to hack a WordPress site in less than 5 minutes”. And the WordPress vulnerability most often exploited? Out-of-date plugins.

Adding Features = Adding Risk

Plugins allow you to tailor your WordPress site to meet your specific business needs. Want to track your site analytics? There’s a plugin for that. Need a contact form or want to reduce spam? There’s a plugin for that. Want to add pictures of cats all over your site? (Sadly,) there’s a plugin for that too. But for every added plugin on your site, you add an element of exposure. Plugins (like WordPress itself) are “open source” in nature meaning they can be built, modified and distributed by anyone. Developers in the open source community often find and fix vulnerabilities in previous versions of plugins, which require your plugin to be updated. If these plugins aren’t updated you are leaving your site wide open to attack.

This doesn’t make WordPress a bad CMS by any means, but it does make it vulnerable. Log into your WordPress site right now and look at the dashboard. What is the little red number next to your plugin?  1?  3?  7?  That is how many plugins are currently out of date on your site and the number of wide open holes a hacker can walk through to get into your site.

The Solution: Assess, Address, and Repeat

Updates can be quick and easy but also quick to get left behind and easily forgotten, as you manage all the other aspects of your business. Sometimes updates don’t go smoothly and impair or disable your website. That’s where Tribe Alpha can help. We can provide a security audit that looks at plugins, database vulnerabilities, weaknesses in your firewall, and all the other areas that make WordPress an easy target. Then we’ll get you on a routine schedule of updates, patches and other best security practices.

You’ve put a lot of time, money, and effort into your website. Don’t jeopardize that because you don’t have the time to make sure it’s secure. We have affordable WordPress security options to help keep your investment healthy and thriving.