Website Upgrades: Is my site secure?

Please take note of this warning advisory: Due to recent technical changes and increased hacker activity, your website may be at risk.

virtual computer lockWhile any aging website can be susceptible to hacking, this article is specifically intended for those running older versions of WordPress. WordPress is one of the most popular platforms for building websites. With the flexibility and functionality provided by WordPress, it’s not hard to understand why it’s a favorite tool. Of course, with the good, comes the not so good…

Over the past few months, it has become increasingly evident that it is crucial to keep your WordPress installation and its plugins up-to-date. Remember, WordPress is the engine that runs your website. Each year, in order to protect against increasingly sophisticated and determined hackers, WordPress makes three or four major revisions to its program and adds a dozen or so new security patches. In addition, each of its plugins — the small programs that run within WordPress for extra functionality — also gets updated.

In plain English: It is absolutely essential that WordPress updates be applied to your website on a regular, ongoing basis — for your security and convenience as well as that of visitors to your site.

If your site seems to be running smoothly, you may be asking, “If it ain’t broke, why fix it?” So long as your site is working, is updating really necessary? The short answer is “yes.” A neglected website isn’t like a car in need of an oil change that gradually runs rougher and rougher, emitting black smoke and making weird noises, giving you plenty of warning before the engine is seriously damaged. Unfortunately (or fortunately depending on how you look at it) your website will probably work just fine without the protection of updates — right up to the moment it crashes and/or is hacked. Once that happens, repairing it will be time-intensive and expensive.

While there are “upgrade buttons” available in WordPress, the process actually requires a high level of technical proficiency, so it’s not generally recommended as a DYI project. If you are considering tackling the upgrade of your site, please click here to read my article, “What you should know before upgrading WordPress yourself.

Help Computer SupportAlternatively, you may prefer to engage one of our professional maintenance/upgrade technicians to bring your site up-to-date and keep it that way. If you are interested in this option, you are welcome to simply shoot me an email or give me a call, and I’ll be glad to send you a cost estimate, based on the age and complexity of your particular site.

You may also want to take this opportunity to add new features to your site or even to do a full facelift. Just let me know what you are considering, and I’ll be happy to discuss the options with you.

Please feel free to call (503-828-1763) or email me with any questions.

What you need to know before upgrading WordPress yourself

On the surface it may seem that upgrading WordPress is simple. Click a few buttons, and *poof* you are upgraded. The truth is, upgrading a site correctly is considerably more complicated than it may appear. It is also essential to recognize that if you happen to make a mistake while undertaking the process, you may actually lose your site entirely.

So, please be sure that you fully understand the following information and advice before attempting to upgrade WordPress yourself.

Backup

Every set of instructions for upgrading WordPress starts with backing up. Often you are told to back up the WordPress files, and the WordPress database, but there are also many plugins and systems that need to be backed up.

Most instructions for back up fail to mention one important detail about doing back up which is this: In addition to knowing how to back up your site’s components, you also need know how to restore your website from the backup data, if something goes wrong. If you don’t know how to restore your site from its backup, and you have a major problem, the downtime and expense of hiring a professional to resurrect your site (and then upgrade it correctly) are likely to be costly. If you are not fully confident in your ability to cope with such issues yourself, you may do well to simply choose the less costly and frustrating option of simply engaging a professional to do the upgrade for you.

Note: If you do attempt to do an upgrade, and you do run into problems and then can’t restore your site from backup, you should promptly contact your host. In some cases your host may be able to do a server-level backup restoration for a nominal cost. It’s essential to request this service as soon as possible, because automatic host-backups are conducted frequently. If you call for help after the host has already backed up your new broken version, they won’t be able to restore your old working version.

Check current functionality

An often overlooked step in preparation for upgrading is to first check all working details of your site to make sure everything is currently functioning correctly. If you run the upgrade without having first carefully looked at every aspect of the site, if a problem shows up, you won’t know if it was already there or is a result of the update. This confusion can make troubleshooting much more difficult.

Check for server space

Before upgrading, you should verify that you have plenty of disk space available within your hosting account. If you are saving your backup to your hosting space, check the space after running the backup, as it will take up quite a bit of space. You want to have at least 100mb of space available before running the upgrade. If you run out, you will have problems. If you run out of space, you may not be able to restore your backup.

Upgrade order

It’s best to run the update in a specific order. You should upgrade your plugins first, WordPress second, and lastly themes. After upgrading WordPress, some plugins may need to be upgraded again.

Check plugin upgrade functionality

The most common problem people run into when upgrading is that they have a plugin that’s not compatible with the newest version of WordPress. You might expect this would simply affect the functionality of the offending plugin, but it often crashes WordPress altogether. It’s important to research your plugins and replace any that won’t be compatible with the new version of WordPress. Replacing a plugin requires that you understand exactly what it does so that you can find a suitable, compatible alternative.

Note: When choosing a plugin (to replace an incompatible one or to add functionality to your site), it’s important to find one that’s well supported. You want one that has a lot of downloads, good ratings and that has been recently updated. Often older plugins that meet these criteria are the most reliable. There’s also some advantage to choosing a plugin that has a paid upgrade option, even if you’ll only be using the free version. This gives you a potential avenue for obtaining more support in case of a problem, and if the author is making money from the plugin, he or she is more likely to keep it up-to-date.

Check functionality after update

Before you start checking your site, be sure that cache is disabled. It’s possible for everything to look ok on your screen because it’s actually a cached version of your old site.

You’ll want to check each page on the site. Keep an eye out for shortcodes. A shortcode is an instruction within square brackets, such as: [EXAMPLE=YXZ]. When looking at a site, the shortcode shouldn’t be visible. If you can see the shortcode, it’s an indication that a plugin isn’t working or conflicts with a shortcode used by the theme.

Don’t forget to check forms, photo galleries (clicking on each image, etc.), and any other dynamic features on your pages. If you have mobile functionality, you should test the site on a smartphone as well.

Once you are satisfied that your site is working properly, you can turn your cache back on, and you’re done.

If you do run into a problem, you’ll have to determine if it’s specific to a plugin or if it’s caused by something else. Depending on your level of expertise, you may need to call in an expert. You’ll want to make that decision quickly, because troubleshooting becomes more difficult the longer you wait. This is why it is so important to promptly, carefully check your website after updating it.

Disclaimer: Please note, that this is not a “how-to” guide for upgrading WordPress.

There’s a reason this is article is called, “What you need to know…” and not “How to….” Its purpose is simply to help ensure that you understand the scope of the process and the technical skills required to upgrade WordPress. If you do not have a solid understanding and the necessary skills to perform all the elements in this process correctly, you are urged to not attempt to run your own update.

If you do decide to do an upgrade and want to learn how to do so in detail, you can search Google and YouTube for tutorials. You should review several tutorials to get a good overview. Focus on those that are most recent, as the upgrade process varies somewhat with each new version.

Note: Consider the age of your current WordPress version. The older versions are more likely to have problems in the upgrading process. If you are updating a version that is more than five major revisions behind the current version, you can expect to have some serious issues. Click here (https://wordpress.org/news/category/releases/) for version release information.

All professionals are not alike

The above information represents our best practices protocols for running upgrades. That said, not every web developer will follow all of these guidelines. Some prefer to just do a backup, immediately start upgrading everything, and then fix things as they go wrong. We don’t recommend this approach for two reasons: First, it often results in excessive downtime for your site, and second, it generally takes longer than just having a system in place that will prevent problems before they happen.

Note: As professionals at Justin’s Web Design, we have more tools and systems for eliminating problems than are available to the average person. For example, when updating a very old, and/or complicated site, we’ll often clone the site and then run the updates in a temporary location. This is the most secure way to run an update, because the live site is not altered and remains fully intact.

Maintenance

The best way to prevent issues and keep your site running well is to have it professionally maintained. Instead of doing major updates infrequently, having monthly maintenance keeps your site consistently current and protected by the most recent updates. Having a professional maintaining your site also gives you the peace of mind of knowing that a knowledgeable technician is on the front lines if you run into a problem. Additionally, a good, proactive webmaster will look for opportunities to make your site run better and be more secure.

If it ain’t broke…

If your site seems to be running smoothly, you may be asking, “If it ain’t broke, why fix it?” So long as your site is working, is updating really necessary? The short answer is “yes.” A neglected website isn’t like a car in need of an oil change that gradually runs rougher and rougher, emitting black smoke and making weird noises, giving you plenty of warning before the engine is seriously damaged. Unfortunately (or fortunately depending on how you look at it) your website will probably work just fine without the protection of updates — right up to the moment it crashes and/or is hacked. Once that happens, repairing it will be time-intensive and expensive.

Hopefully this article has given you a better understanding of what is involved in updating WordPress. Please don’t hesitate to contact me with any questions.

About the author

A professional web developer since 1998, Justin Feral-McWhirter launched Justin’s Web Design in 2005. In building more than 100 WordPress sites, his focus has always been creating cost-effective solutions for small businesses. To that end, Justin’s Web Design technicians developed an affordable, professional WordPress website maintenance program, which is now utilized by dozens of satisfied clients.

San Antonio TX Web Design

We’re traveling the country and have setup a virtual office here in San Antonio. We’ll be physically here until 1/19/2013, however as always, we’ve setup our business to help people anywhere. If you are looking for a web developer in Texas, or anywhere in the world, we’re here to help.

Local Contact Details

Address:
10919 Town Center Dr.
Suite: 315
San Antonio, TX 78251

Phone: 210-321-9637

Here are some San Antonio Business Resources:

The Chamber of Commerce
The chamber has been helping local businesses since 1894. The focus is on making the ‘River City’ more business friendly by promoting local companies, and creating events.

Official City Website

Wiki Page

Here are are some videos from the city…

Flagstaff AZ Web Design

Flagstaff Arizona

Flagstaff Arizona

We arrived in Flagstaff a few hours ago. As you may or may not know, we (my wife and I) are traveling across the country building websites and having fun.

We just spent 6 weeks in Vegas, and that was a blast, and now we are ready for the next stop on our adventure. That’s Arizona, and our first stop in Arizona is in Flagstaff. We are looking forward to seeing the Grand Canyon as well as several other wonders of nature that “live” in this little desert town.

Web Design in Flagstaff

I’ve spent a few minutes looking through the local ads, and see a stark lack of websites. I’m not sure if this points to a lack of interest in internet marketing, or a lack of education about the power of having a website. Either way, I’m looking forward to finding out.

Flagstaff Chamber of Commerce

On Monday or Tuesday I plan on contacting the chamber to see if I could put together a little seminar and help the locals learn more about internet marketing. These small businesses are my bread and butter and I know my web solutions can help them. The only tricky part will be figuring out the best way to spread the word.

New Referral Program

As you may know, my business is built on referrals. In the past I’ve avoided setting up a referral program, because it’s very important to me that the people who are spreading the word about my business, are doing it for the right reasons. That said, I’m not against rewarding those who send me business, if it helps people keep me more top of mind.

The tipping point came because I just signed up for a new social media site called ReferralKey.com. This made it dead simple to setup a referral program, so that’s what I did.

I’m going to add a twist though, when you send a referral through this system, let me know if you’d like cash, steaks (You’ll see), etc, or you can choose a one of two options that they don’t give you. 1) Charity, let me know what charity you’d like me to send the money to and I’ll send it there instead. 2) Credit on your account, if you are a current client or plan on being a client, you can have the referral bonus added as a credit on your account for current or future business. If you are choosing one of my added options, just mark the option of “no reward” and put in the comments how you’d like your reward distributed.

Updates for an RV Website – RV Northwest

RV Northwest

RV Northwest

Client Name: RV Northwest
Website URL: http://www.rv-northwest.com/
Category: RV Rentals / Sales
Location: Beaverton, Oregon

Site Updates: Ongoing
Service Type: Website Updates

Project Details:
Ted at RV Northwest was happy with his site, and just needed some updates made. The previous web designer was no longer in the picture, so he needed some help. I came in and learned his system, so I could assist in updating the website.

Short Description of Business (from the website):
“Located in Portland, Oregon, we offer Class A , Class B+ and Class C motor home rentals, and a wide variety of travel trailers including pop-ups. All our rentals from tent trailers to diesel pushers are safe, clean and comfortable. We have over 80 units to choose from. We take great pride in our customer service.”

Website for Day Spa – Stepping Stones Day Spa

Stepping Stones Day Spa

Stepping Stones Day Spa

Client Name: Stepping Stones Day Spa
Website URL: www.SteppingStonesDaySpa.com
Category: Health & Fitness
Location: Portland, Oregon

Site Completed: September, 2010
Website Type: Affordable Website Deluxe Package with one additional page, custom color scheme, and custom header.

Project Details:
The folks at Stepping Stones Day Spa had a very specific idea of the look and feel they were after. This doesn’t always work with a basic website package, however we were able to get to create the design using a template and customizing the header and colors.

Short Description of Business (from the website):
“Step into our tranquil environment and feel the warmth embrace you – for here you are a friend, not a client. Know that you are in competent, caring, knowledgeable hands no matter which of our services you request.”

Testimonial:
“I have worked with Justin at Justin’s Web Design twice now designing websites for 2 different spas that I have worked at. Our first website was fairly simple – we picked a template to use but had a customized header and footer. The hardest part was writing the text to have inserted into the template! Once we got all the text and pictures to him, Justin got our website up and running in a week. No small feat when I look back and see how much he had to guide us through because we were “newbies”.

Our second website was more of an adventure. We picked a template but we customized the header/footer and the colors plus added more pictures. I must say that Justin did a great job of matching the colors we wanted because I did not have the name of the colors or the exact RBG. Once all the text and pictures were sent to him, Justin had the first draft ready in just a few days. We corrected a few grammar errors, moved a few pictures around and next thing you know, our website was functional and on the internet for all to see!

I also need to add that Justin is very patient. There were several times when I promised to get things to him on a certain day or time and I did not deliver on my promise. But Justin never got upset, he just patiently waited for my partners and me to get our act together and make decisions that needed to be made. And if we were uncertain about anything, Justin would make suggestions and let us go from there.

The best part of all is that Justin’s prices are reasonable. As a new business, we could not afford to pay someone five or ten thousand dollars to build us a website. Yet we needed a professional site for our spa, not a site that looked like we had done it ourselves. Justin delivered a quality product in a timely manner at a reasonable cost. We could not be more pleased with his work and his professionalism.

So far everyone who has visited our website has raved about it! They love the layout, the colors, the ease of use, etc. You can see what a great job Justin did by visiting our website: www.steppingstonesdayspa.com.

Noreen LeSage
Esthetician/Co-owner
Stepping Stones Day Spa”

Website for Painting Contractor – Dan Pike Painting

Dan Pike Painting

Dan Pike Painting

Client Name: Dan Pike Painting
Website URL: www.DanPikePainting.com
Category: Painting Contractor
Location: Beaverton, Oregon

Site Completed: October, 2010
Website Type: Affordable Website Economy Package with one additional page.

Project Details:
After having several prospects ask about a website, it Dan decided he needed to have one. His goals included adding credibility, being “found” online, and giving information to clients and prospects.

Short Description of Business (from the website):
“Dan Pike Painting Co. LLC would like to provide you with our painting services. We have been in business for over 21 years. The company specializes in residential and commercial painting.”

Testimonial:
“Justin was great. I really had no idea what I wanted except something basic to explain our services and to be able to
add pictures to the website. Justin was very informative answered all my questions and gave suggestions. What amazed me the
most is once I got all the information together that Justin needed to design the website he had it up and running in 2 days. He did
an excellent job and I am very pleased with the outcome. Thank you Justin! www.danpikepainting.com “

Website for Counseling, Coaching & Training Center – Apositiva

Apositiva Website

Apositiva Website

Client Name: Cat Wilson & Richard Aanrich
Website URL: www.Apositiva.com
Category: Counseling, Hypnosis, NLP
Location: Beaverton, Oregon

Site Completed: September, 2010
Website Type: Advanced Marketing Solution with Extra Customization & Features

Project Details:
Richard & Cat needed a site to educate clients & potential clients about the ways NLP & Hypnosis can be of benefit. Additionally, they provide free audio samples and other training through the site. They also offer classes to teach NLP & Hypnosis, so putting all the elements together within the site was the most important piece of the puzzle.

Short Description of Business (from the website):
“Apositiva serves all individuals or businesses who wish to make A Positive Change. As we look at the challenges or problems that needs changes, we gain insight by defining more clearly where you are right now and why it’s not working. Then, we support helping you decide what needs to happen…and work together to make those changes. Effective changes can usually happen quickly because we utilize time-tested and proven modalities including Clinical Hypnosis, NLP, EFT, Personalized Counseling, Dynamic Coaching, and Specific Training exercises which lead you to that positive outcome you want.”

Testimonial:
“Patience Imagination Technique

Justin McWhirter and his wife Tearei took our website challenge with expertise, patience, and imagination. We were referred to him by coach TJ Helm. It took us a long time to get our wits together and figure out what we wanted, but once we started the conversation with Justin the site just flowed. Justin kept us on track. He offered solutions to problems we hadn’t even considered, like placement of topics in more effective perspectives. Once the site was launched, Justin and Tearei were like a couple of doctors who worked with us through the night, making sure the site arrived healthy and alive!

If you want want an advanced site, and need a team you can trust, that approaches the project from different perspectives, and technical expertise to back you up when you need it, you’ll want to talk to Justin & Tearei. You’ll never know how far you can go with their imagination!

Enthusiastically,

Cat Wilson

Apositiva Institute
Coaching, Counseling, Hypnotherapy/NLP, Human Empowerment Workshops”

Cheap Laptop or Best Laptop?

I’m trying to decide between getting an inexpensive laptop, or one of the new I7’s. Of course my geek side wants the best and I’m looking at using it to replace my desktop. Certainly this is the direction I’m leaning. I’m looking at the least expensive of the best laptops.

As far as the brand goes, I’m going to go with a Toshiba. I’ve had one of these for a while and I think it’s one of the best brands out there still. I used to be a fan of Dell, but I’ve had a couple of bad experiences with them and I’m not willing to go that route. I’ve checked out Office Depot, Best Buy, Amazon, and a few other places but it seems like the best place to buy one is at ToshibaDirect.com.

Please shoot me an email or give me a call if you have any relevant feedback as far as my decision goes.