You're preaching to the choir!!I wish people would keep the plugins up to date. Most of the compromised websites I see in web usage surveys are Wordpress installations that have been compromised via an unmaintained plugin. (The other big problem is from Joomla installations.)
Regards...jmcc
Using a management tool like MainWP is great way to keep WordPress core files, plugins and themes updated from one central location.I wish people would keep the plugins up to date. Most of the compromised websites I see in web usage surveys are Wordpress installations that have been compromised via an unmaintained plugin. (The other big problem is from Joomla installations.)
Regards...jmcc
There was a big uptick in the last two months with a lot of sites being compromised with dodgy fake watch links.You're preaching to the choir!!
Out of date plugins OR out of date / compromised themes ..
The main problem is that people use Wordpress now like they used to use Dreamweaver a few years ago. It is a production tool for web devs and with customers treating their site like print brochureware, they rarely bother to get any ongoing maintenance contract for the site. There is a lot of Joomla 1.5 sites out there and many of them have been continually compromised for years. These compromises, Wordpress and Joomla, are different from the old defacement compromises in that they are link injections. The links and text are placed offscreen by CSS so that a human visitor does not see them but a search engine does.Using a management tool like MainWP is great way to keep WordPress core files, plugins and themes updated from one central location.
As for Joomla, it's update service has improved since version 3.x. It is still a heavy system with decreasing popularity, as is Drupal for that matter (in my opinion).
Yes I agree, and I think the solution is to sell maintenance as part of the contract. Websites are no longer one off builds.The main problem is that people use Wordpress now like they used to use Dreamweaver a few years ago. It is a production tool for web devs and with customers treating their site like print brochureware, they rarely bother to get any ongoing maintenance contract for the site. There is a lot of Joomla 1.5 sites out there and many of them have been continually compromised for years. These compromises, Wordpress and Joomla, are different from the old defacement compromises in that they are link injections. The links and text are placed offscreen by CSS so that a human visitor does not see them but a search engine does.
Regards...jmcc