Staying Up to Date: Important for Both Your Website & Computer

Did you know that by actively choosing to not update your browser or content management system (CMS) installation when new upgrades are available, you’re actually putting both your computer and website at risk for viruses, hackers, and worse?

Black hat hacking groups have the ability to target various holes and weaknesses in software versions, whether they’re the moving parts that work with your website’s databases or your clunky, old web browser that’s even just one version behind the latest major iteration. Not all code is perfect (oh, how we wish it were!), so it’s important that you thoroughly protect yourself from these weaknesses and possible attacks as a user of each kind of product.

Your Content Management System (CMS)

The self-hosted version of WordPress (this is the CMS Blog What? Design commonly uses as a solution for our clients) receives a major update every one and a half years or so, while smaller though highly important updates may arrive as often as every few weeks. Although the dynamic and vibrant development team behind WordPress generally attempts to keep the number of recommended updates down to a manageable amount, it’s usually impossible to predict the discovery of a new security hole or weakness in the code.

Oftentimes the majority of these updates will contain enhancements for better user experience such as friendlier features, or a brand new tool for developers. However, in terms of ultimate importance, it’s the security aspects of these updates that make their adoption absolutely necessary.

Behind every content management system (CMS) is a database of all or most of your website’s information and data. This can include everything from user passwords and credit card numbers, to thousands upon thousands of blog posts, articles, and comments with private information like e-mail addresses attached to them.

A potential hacker can manipulate a number of factors thanks to security flaws in code in order to easily access information in a database. First, they can poach users’ information and data, setting them up for a significant increase in SPAM at best and, at worst, they can steal and sell complete identities with credit card information included.

More likely, however, is that hackers will gain access to your website through a flaw in your login information for either your CMS (such as WordPress) or the way you access your website’s files (on your control panel, for example). From there, hackers—or rather the robot-like scripts that these individuals setup to troll the Internet—will target the most important files in your website’s file directories: your index files. Generally, these files will end in .php for a WordPress installation, but there exists a variety of other forms for additional content management systems. After gaining access, these robotic scripts will replace the code of your index files with a bit of inflammatory content such as some “victory” text or an inappropriate image signaling the “take over” of your website.

We’ve dealt with a number of these types of hacks on our clients’ websites over the years. Although we were able to easily and quickly mitigate the situation and restore each one of them, neither option is favorable. Not only can such an outcome cause great distress for the curators and owners of the website, but users can be impacted greatly as well. Find that your favorite cooking blog now advertises adult films can be a jarring experience that will ultimately discourage future business and site traffic.

Rather than asking why this happens, we’re better off asking how we can prevent it. The answer? Update your CMS version, be it WordPress or another platform, within a week or two of any new arrival. Second: be certain that each of the passwords associate with your website are absolutely secure with a handy tool like a secure password generator. Thankfully, every WordPress installation will alert the administrator of new updates immediately upon their availability within your administrative panel’s header. At that point, feel free to shoot us a message to let us know that you’d like to backup and update.

Your Browser

Web browsers are every Internet users’ portal into the Internet. Without them, you’d be supremely bored staring into an endless amount of code. Web browsers—including Internet Explorer, Safari, Firefox, Google Chrome, and more—are an essential part of today’s digital visual experience. While every browser is unique, a universal truth is that updating these pieces of software to the latest versions will not only keep your computer and offline space healthy, but will guarantee a better viewing and navigation experience on your website and others’ as well.

Unfortunately, not all web browsers are created equal. While each one reads the building blocks of your website in many of the same ways, some browsers and versions will be able to recognize your website’s code for a great feature, while others will not. Unfortunately, this means a poorer visual experience for those who are not up to date. Everything from the way your fonts are displayed to the positioning of your photos can be skewed by old versions. Although the latter is more easily corrected using various coding techniques to work around the issue, it is tedious and therefor costly work that can be easily avoided.

Even worse, just as older versions of WordPress will leave your website susceptible to hackers, so will older versions of your browsers. Both can lead to a greater chance of infection on your computer.

Browser hacks can include worm-like files that will easily and quickly skirt their way around dated security measures, or a Trojan file that may stealthily disguise itself as a routine download thanks to dated user interface designs.

What can you do to avoid these potential headaches for both you and your computer?

1. Never download a file whose origin you are uncertain of, whether it is from an e-mail or the greater Internet.
2. Make certain that each of the passwords for your e-mail, online banking, and any other personal login are secure and difficult to guess. Using a variety of random numbers and symbols is a good technique, and many online random generators will take care of this task for you.
3. Upgrade your browser version immediately after a new release. Generally, most modern browsers will quickly alert you to these updates, but it can never hurt to check.

If you’re uncertain as to whether you’re running the latest version of your web browser, take a look at our friends over at Browse Happy whose mission is to ensure happier browsing through the installation of the latest versions for all.

In Conclusion…

Ultimately the most important message that we’d like to share is that by failing to work with the latest versions of both your CMS (like WordPress) and your web browser may lead to some of the tricky and unfavorable outcomes we’ve detailed above and even some we haven’t.

Thankfully, here at Blog What? Design we’re experts at ensuring that your entire CMS-powered website is backed up and that your newly upgraded versions run smoothly. For a limited time, mention this newsletter to your project manager and receive a 30% discount on as many upgrade and backup iterations as you please until Dcember 1, 2011, and just in time for the projected major release of WordPress 3.3 on November 15, 2011. This includes a discount on both your backup and upgrade hourly charges.

Happy browsing!