More Proof of how notoriously insecure Wordpress is - hacked yet again!
If you own, or have owned, a Wordpress site I'm sure you've heard the advice, "Make sure you keep your plugins, themes, and Wordpress updated to avoid security issues." Solid advice. Because those plugins and themes get hacked all the time. According to a Forbes article 30,000 Wordpress websites are identified with malicious code every day. 30,000!!!
"But wait!" you say, "Wordpress is the standard CMS platform for websites these days. It can't really get hacked that much..." No seriously, it does.
Just recently a security issue with the NextGen Gallery plugin, one of the most popular and standardized plugins available on the Wordpress platform, was discovered. According to Bleeping Computer, "A WordPress plugin [NextGen Gallery] installed on over one million sites has just fixed a severe SQL injection vulnerability that can allow attackers to steal data from a website's database."
Without getting too much into the technical side of why this happened I'll just let one user's comments on the article sum it up:
To get hacked because of poor sanitizing of inputs is downright embarrassing in this day and age.
So why do Wordpress sites get hacked so much?
Too many unregulated moving parts to put it simply. I've seen some sites and articles suggesting up to 40 recommended plugins to make a Wordpress site optimal and modern.... That's insanity. That's 40 different chinks in your website's armor while hungry hackers are circling.
No to mention with Wordpress you have to manage your hosting, domain, theme, and database on top of your plugins...
This just reassures my decision to say goodbye to Wordpress. Forever.
I've already been on the bye-bye Wordpress train, but this recent news just reassures my decision in 2016 to drop that problem-prone platform and make a permanent upgrade to Squarespace. Thanks to the recommendation of Jesse West of HelpMeJesse.com
First of all: Security - Squarespace handles everything from servers to your site's code in house. It's in their best interest then to make sure everything is in tip-top shape and secure. Fewer hands in the pot = less things to go wrong. PLUS if something goes wrong THEY will fix it. Because it's all under their roof. Amen. *Insert praise emoji here*
Second of all: Support - Wordpress branded support is pretty much nonexistent. If you have a problem with your Wordpress site you're stuck either scouring the forums for hours, reading through long un-specific PDF guides, or hiring someone to fix your problem. Squarespace not only has a wonderful help forum, but if you're really stuck YOU CAN ACTUALLY TALK TO THEM via their 24/7 support chat. No phone support, but I have not once been disappointed by that. I've always been able to find the help/answer I needed either through their online support chat or just a Google search.
I didn't mean for this post to turn into a Wordpress-bashing, Squarespace-praising, sales pitch when I first started writing...but man... when you're passionate about something it just comes out right?
Hopefully, even if we never work together, this article makes you look a little closer at your happiness and security with your current CMS and encourages you to consider other options.