Website security is a critical part of doing business. Your CMS (content management system) choice has a huge effect on your ability to maintain security.
A CMS needs to be robust and easily kept up to date. Out of date CMS’s are one of the three primary targets for hackers, along with weak passwords and cheap hosting.
Most websites are built on open source systems – WordPress, Joomla! and Drupal are the Big 3, but there are 100’s. Open source is definitely the way to go. It doesn’t tie you into a particular developer and you get a lot of functionality and security very cheaply. Open source systems; however also attract a lot of interest from hackers, but it’s just a matter of keeping them up to date.
Updating WordPress is a reasonably simple process, but Joomla! and Drupal can be a challenge. Both Drupal and Joomla! have broken upgrade paths. This means that at certain points in the software’s history, the developers refactored the core structures, making updates extremely difficult.
Upgrading from Drupal 6 to 7 to 8 requires significant work, expertise and cost, which will often deter businesses altogether.
Drupal explains the difference between ‘updating’, ‘upgrading’ and ‘migrating’ in great detail on their site. Uughh! Business owners have better things to do with their time.
Old software is the low-hanging fruit for hackers.
Joomla! is similarly messy. Upgrading is technically a re-build and not something that a business can usually do by them self. It means that they are stuck with old software, which usually also puts them off from making other content or styling changes that could improve sales and conversions.
It’s true, WordPress is hacked more than any other CMS, but that’s because there are more websites built on WordPress than any other system. WordPress drives about a quarter of the Internet in 2016.
Being popular makes it a target, but on the flip side, it’s unbelievably easy to maintain. The upgrade path is unbroken and users can smoothly upgrade their websites with minimal time and stress. A web developer is only required on heavily customized or high redundancy sites.
There are also some great plugins to secure your site. They are free and easy to set up.
What ever system you use, get in the routine, or get us in the routine of upgrading your software every month. It will save you a lot of heartache and embarrassment.Posted by Chris Garrett on 16 November 2016