How often do you update the themes or plugins on your website? You should log into your site as often as you wash your hair. Here’s why, as well as options to take the pain out of updates.
Let’s talk about your hair: Those luscious, luxurious locks take a bit to keep looking their best (no matter if you are sporting Lady Godiva length or the rocking the polished billiard ball look).
Most people wash their hair a couple of times a week to keep it clean and glorious. They brush it regularly and visit their hairdresser to have scissors or cutters waved artfully in the general direction of their head.
Now, for a moment, imagine that you have decided you are too busy this week, so you let the hair washing slide. In fact, you are too busy next week and the next week and the next. You keep meaning to get into that shower and wash your hair, but life gets in the way and days turn to weeks turn to months with no hair washing.
Life is so busy that you don’t even have time to brush your hair. It doesn’t matter if you are buffeted by high winds as you brave the wintry walk down the main street in your CBD, you are too busy to brush.
Had a great day swimming at the beach with some seriously gnarly waves? Beach hair: don’t care.
Suddenly swamped by 30-50 feral hogs rampaging through your quiet backyard when the kids were playing? Too busy to brush.
And as for your hairdresser? Well, they were just someone that you used to know.
Your hair grows wild, tangled and matted, and you suddenly find yourself always getting seats alone on the bus or train, and people give you a wide berth when you walk down the street.
Why you need to maintain your website
Your website needs the same care and maintenance as your hair.
WordPress (the engine of most small business websites), the theme that gives your site its look and the plugins that give your site their extra functionality, all need regular updating.
It used to be fine to pop in once a month and click a few buttons. What we are now seeing is security patches on security patches on security patches across the WordPress microcosm.
If you follow any of the security vulnerability company’s Twitter feeds, each day, they release multiple notices of vulnerabilities across stacks of plugins. The rates of attack are increasing.
According to Sitelock, even the smallest website averages 62 attacks a day.
Out-of-date WordPress, plugins and themes are the number one source of hacks into a website.
36.7% of sites Sitelock clears were running old versions of WordPress.
61% of sites Wordfence clears of hacks were running old themes or plugins.
Once a month maintenance no longer cuts it. You need to be maintaining your website as often as you wash your hair.
But what about the PHP?
Then there’s the PHP version accessed through your hosting. Your WordPress website is powered by a code language called PHP. The only current versions of PHP that are supported and which have security patches applied are 7.1, 7.2 and 7.3 – and 7.1 hits end of life on 1 December this year.
74.7% of all WordPress websites are running on unsupported versions of PHP or 7.1.
Later versions of PHP are more secure than earlier versions – they also make your site run faster. Get onto your host to make sure your sites are running the latest stable version of PHP and get the extra security and speed boost while you are at it.
Options for ongoing website maintenance
There are loads of different options for website maintenance, depending on how hands-on you want to get.
The free option is to learn to DIY. It isn’t hard. You just need to get into the discipline of doing it regularly and knowing the look and functionality of your site, so you know if something goes pear-shaped with an update.
This gives you the ultimate fine-tuned control, and you get to know the nuances of your site, so you are not running updates when you are sending out newsletters or when there is a sudden influx of traffic over that viral blog post you wrote.
The next step up is you can look at plugins to auto-update everything for you (e.g. Companion Auto Update, Easy Updates Manager or Jetpack).
The paid version of Easy Updates Manager gets around a lot of the common bugbears of automated updates. It links to Updraft Plus to take backups before updating; it has a delay feature, so those plugins and themes that have a nasty habit of releasing major updates and then releasing multiple patches are dealt with; and it has an email alert feature if your site goes down after an update.
Personally, I am not a fan of auto-updates as you never know when an update will break your site (and which one it was so you can roll it back). They are also resource hits and can also be a bit finicky with paid themes and plugins and can’t be used with custom themes. I definitely wouldn’t use one if you haven’t updated your site in ages, but they are still better than nothing at all.
There are premium web hosting companies that offer full site maintenance as part of their managed hosting plans (e.g.: Kinsta, WP Engine, Pagely, Flywheel). They are premium for a reason, and their pricing matches the service.
Ask any host that offers “managed hosting” if that means they will update ALL themes and plugins for you, or if you still need to do some yourself. Most still require you to do some DIY for paid themes or plugins not in the WordPress repository.
You can also pay a web designer or VA to do your website maintenance for you. If you head down that path, ask what is included in their maintenance plan as not all offer the same service (e.g. Do they include bug fixes if something breaks on your site? Do they manually look over your site after each update to make sure things look the same? What happens if you are hacked?)
These should be the kid-gloves version of website maintenance. For my client sites on maintenance plans, I manually run updates once or twice a week, spinning the site out into testing sites if the change is a major one and I want to make sure that the update won’t break something. I also take on the plugin or theme developers on client’s behalf if things break to help them resolve problems.
Regular website rescues just make sense
I regularly do website rescues where someone hasn’t updated their site in years. In most of these cases, the site owner didn’t realise that their web designer or their host doesn’t do all the maintenance and updates for them forever for free.
If you are not sure who is responsible for updating your website, then go back to your web designer and ask them (and be prepared for an unpleasant shock).
Not updating your PHP, WordPress, your themes or plugins on your website is like not washing, brushing or maintaining your hair. It quickly turns into a tangled mess that takes a bit to tease out the knots and get looking the way it should.
For some of the sites, we can tease out the tangled mess and update things and fix things that break on updating it to the latest version.
Many of my rescue sites run plugins that have been abandoned by their developers many years ago (a bit like trying to use a floppy disc in your laptop), and we need to find safe and current alternatives.
With other sites, the only option is to cut out the knots and start again fresh on a new website. The cost to fix is more than the cost of a whole new website.
The trick with a business website is to get into a routine from the first moment you get access to your new website and keep on top of the maintenance. Otherwise, you may find your website has a much shorter lifespan than it should have.Recommend0 recommendationsPublished in