Outdated, Unpatched, Abandoned: An Invitation To Come Inside
Do you remember when your mother used to tell you to clean up your room?
I don’t want to sound like your mother or like a broken record, but: When was the last time you cleaned up your server?
Just yesterday the guys over at Wordfence released an article on the latest attack on WordPress sites (Massive Cryptomining Campaign Targeting WordPress Sites); and that during their research they found out that the attack could at least partially be attributed to an unmaintained WordPress installation on a client’s server.
And only 2 weeks ago we found a total of 6(!) outdated and abandoned WordPress installations on a new client’s server; the oldest one dating back to 2010.
(Needless to say the client had no idea. No idea what we were talking about, that is)
OK, Great. Who’s Responsibility Is It?
The website owner only wants his website to function properly, and in most cases doesn’t know (or care) what’s going on behind the scenes.
It’s what the developer, the webmaster or whoever else is responsible for the website’s continued functionality gets paid for.
Unfortunately your problems are just beginning:
– Most of the (website-)security-related tasks go way above most people’s heads.
– Most likely because most so-called web designers nowadays have never touched a single line of code. For them it’s all click, drag, done. Why bother?
– Most problems can be solved by installing yet another plugin (NOT).
– Most likely “it’s someone else’s problem” (the hosting company, the previous admin, the man in the moon, etc… *sigh*)
The Key Is Education
– Education for clients (=website owners) that website maintenance is a necessary evil – like a dental check-up. You might not like it, but if you see a professional, it might save you a lot of pain (literally and figuratively) later.
– Education for all web developers, webmasters, and website managers out there. Either read up on it yourself (quickly!) or at least ask for help from a professional and don’t put your clients’ website (and maybe their and your livelihood) at risk.
One More Thing:
– If you don’t need it anymore, delete it.