{"id":1875,"date":"2020-08-04T10:00:37","date_gmt":"2020-08-04T02:00:37","guid":{"rendered":"https:\/\/www.mondoze.com\/blog\/?p=1875"},"modified":"2022-09-25T00:38:19","modified_gmt":"2022-09-24T16:38:19","slug":"wordpress-plugins-cybersecurity","status":"publish","type":"post","link":"https:\/\/www.mondoze.com\/blog\/tip-sharing\/wordpress-plugins-cybersecurity","title":{"rendered":"What You Need to Know About WordPress Plugins and Cybersecurity"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t

Plugins can do so much for your small business website. You can use them to make your WordPress site load faster, make your content shareable, collect visitor email addresses for your marketing list, and do better in search results. Even better, many of the best WordPress plugins that can upgrade your website and your business blog are free.<\/p>

It\u2019s important to make sure the plugins you choose are reputable and secure. Unfortunately, people can and do exploit plugins. Usually, this involves malicious scripts injected into plugins with security gaps.<\/p>

What do these malicious scripts do?<\/strong><\/h3>

Cybersecurity firm Kaspersky says the possibilities include site takeover, spyware installation, and cryptocurrency mining.<\/p>

Is Your WordPress Plugins Open to Threats? <\/strong><\/h3>

Choosing plugins is kind of like buying a car. You want performance, of course, but you also want something that\u2019s safe, reliable and easy to maintain. You choose a reputable car dealer and read reviews, so you don\u2019t buy a lemon. And you should get top-rated plugins from a reliable source, so you don\u2019t end up with a malicious plugin.<\/p>

Security experts consider WordPress.org\u2019s plugin directory to be the safest source for plugins. With more than 55,000 plugins, you won\u2019t run out of options, and the site solicits feedback and reviews from users.<\/p>

Check those reviews before you download\u2014not just the star ratings but also the user feedback. See what people like about the plugin. Read about any issues they\u2019re having with the original plugin or updates. Get a sense of how well the publisher supports the plugin.<\/p>

Also check out the number of active installations to get a sense of how many users trust the plugin. A good plugin can have just a few hundred users, but a plugin with thousands of users has earned a lot of trust.<\/p>

Check for Compatibility with the Latest Version of WordPress<\/strong>\u00a0<\/strong><\/h3>

So, you\u2019ve found a plugin with good reviews and lots of users. Before you download it, make sure it\u2019s compatible with your version of WordPress. (For security and performance, you should always keep your own website up to date on WordPress, too.)<\/p>

To ensure your plugins and WordPress are compatible, you need to know your current WordPress version. You can find it by going to your WordPress dashboard and clicking Updates. You\u2019ll see a notice that lets you know if you\u2019re running the latest version and gives you the version number.<\/p>

You also need to verify that the plugin you want is up to date. Most plugin authors are good about updating their products, but sometimes plugins are abandoned, or updates are slow to come. If you see a yellow box notice at the top of the plugin\u2019s page at WordPress.org, pay attention to it.<\/p>

Also check out the spec box on the page to see which version of WordPress it works with and how recently it was updated.<\/p>

If your chosen plugin is compatible, go ahead and try it out. If you decide it\u2019s not right for your site, delete it. Otherwise, you\u2019re going to have to keep maintaining it, even though you\u2019re not using it.<\/p>

That brings us to the most common way that good plugins go bad. When users don\u2019t update them, hackers may exploit them.<\/p>

Keep WordPress and Your Plugins Up to Date<\/strong><\/h3>

Like everything made with code, WordPress and plugins get updates for new features, improvements, and repairs. Sometimes those problems are small things that affect the way a plugin looks or operates. Sometimes they\u2019re security holes that need to be patched to keep hackers out of your site.<\/p>

When publishers announce security updates, hackers see them too. And they start checking for sites that haven\u2019t made the updates yet.<\/p>

Even if you\u2019re happy with the current version of WordPress and your plugins, you still need to update. WordPress and some plugins let you set them to update automatically, which you should do. For the rest, you have a few options for keeping things current.<\/p>

  1. Make your own manual updating schedule.<\/strong><\/h4><\/li><\/ol>

    This approach can work if you\u2019re able to commit to checking your site for update notices at least once a week. If you tend to kick small tasks down the road when you\u2019re busy, skip this approach. You could end up with site vulnerabilities.<\/p>

    Even if you decide not to do manual updates, it\u2019s a good idea to know how. Sometimes you may worry that an update will break your site, especially if your plugins haven\u2019t been updated to support the newest version of WordPress. You\u2019ll want to back up your site before you manually update and be ready to uninstall the update if there are problems.<\/p>

    Just as when you check to see which version of WordPress you\u2019re running; you\u2019ll go to your dashboard. Click Updates in the left column, just beneath Home. You\u2019ll see the update status for WordPress, your plugins, and your themes. If any are out of date, you can update them here.<\/p>

    1. Set up notifications for update and security issues.<\/strong><\/h4><\/li><\/ol>

      The WordFence Security plugin scans your site for security issues, including out-of-date plugins and pending WordPress updates. The free version of this WordPress security plugin lets you get email notices whenever your site needs an update. It\u2019s still on you to go make the updates. But this way you don\u2019t miss issues that crop up between your regularly scheduled updates.<\/p>

      1. Set up automatic plugin updates.<\/strong><\/h4><\/li><\/ol>

        If you have plugins that don\u2019t have an auto-update option, consider Easy Updates Manger plugin. Yes, a plugin to update your plugins\u2014plug inception! The free version lets you set some or all of your plugins to update automatically. This is the most efficient approach, especially if you run more than one website or run a high-traffic site with multiple plugins.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

        Plugins can do so much for your small business website. You can use them to make your WordPress site load faster, make your content shareable, collect visitor email addresses for your marketing list, and do better in search results. Even better, many of the best WordPress plugins that can upgrade your website and your business …<\/p>\n

        What You Need to Know About WordPress Plugins and Cybersecurity<\/span> Read More \u00bb<\/a><\/p>\n","protected":false},"author":1,"featured_media":13358,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"default","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"footnotes":"","_wpscppro_custom_social_share_image":0},"categories":[30],"tags":[36],"_links":{"self":[{"href":"https:\/\/www.mondoze.com\/blog\/wp-json\/wp\/v2\/posts\/1875"}],"collection":[{"href":"https:\/\/www.mondoze.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mondoze.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mondoze.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mondoze.com\/blog\/wp-json\/wp\/v2\/comments?post=1875"}],"version-history":[{"count":7,"href":"https:\/\/www.mondoze.com\/blog\/wp-json\/wp\/v2\/posts\/1875\/revisions"}],"predecessor-version":[{"id":14175,"href":"https:\/\/www.mondoze.com\/blog\/wp-json\/wp\/v2\/posts\/1875\/revisions\/14175"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.mondoze.com\/blog\/wp-json\/wp\/v2\/media\/13358"}],"wp:attachment":[{"href":"https:\/\/www.mondoze.com\/blog\/wp-json\/wp\/v2\/media?parent=1875"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mondoze.com\/blog\/wp-json\/wp\/v2\/categories?post=1875"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mondoze.com\/blog\/wp-json\/wp\/v2\/tags?post=1875"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}