In the wake of the Wannacry ransomware attack, WordPress announced a major security release update yesterday (unrelated to Wannacry) and the timing should be enough for you to take a step back to make sure you’re running the most recent versions of your web platform and network OS.
For many groups, all of this is handled by a third-party provider and if you fall into that group, it’s worth sending them a quick email to inquire if all is good.
But for groups that manage their own networks or use a bargain basement priced web host, you are probably on your own when it comes to making sure you’re running these latest updates.
For example, if you use WordPress and your site is hosted on an entry level account at Bluehost, HostGator, 1&1, InMotion, or GoDaddy automatic security updates are not likely included with your service. In addition to core WordPress, you’ll also need to check all your plugins and themes.
Speaking of plugins, if you’re using an ultra-low cost hosting provider, you probably have a site that cobbles together several dozen plugins to provide all of your functionality and each one of those may need updating as well.
If all of this stuff sounds like one huge headache, you might reconsider the return on investment of using a hosted, managed web provider service (#ShamelessPlug). Same goes for your third-party box office and customer relationship database services.