With the simple five minutes installation and many available one-click packages WordPress is easy to install for new websites. In fact you don’t even need to know very much about HTML, PHP or MySQL to get it running in most cases.
This is great when you’re just starting to discover the possibilities of running your own CMS. However, when using WordPress or any other self maintained publishing platform, it is of utmost importance to also consider regular technical maintenance and upgrades.
According to wordpress.com, the commercial branch of the organisation, over 70 million sites are currently hosted with their CMS. Around 20% of all new websites published in 2011 were based on it. In the market of CMS it clearly outranks it competitors with a share of over 50 %. Joomla is estimated with 9%, Drupal with around 7%. In the repositories of WordPress there are more than 26.000 plugins as well as over 2.000 themes available to download for free.
Consequences of popularity
With the popularity come a lot of benefits. The framework is developed further very actively and new features are implemented regularly. Almost for every need there is already a plugin available and the community is very helpful. On the other side it also makes it an interesting target for automated attacks. In order to recruit computers for future activities or spread malware to the users of an infected site. A good example are the recent attacks on WordPress and Joomla in August this year.
Stay ahead and update WordPress
The basic installation leaves quite a few doors open for potential attackers. However with security plugins such as Better WordPress Security and Wordfence most of the standard issues can be addressed. Common sense also helps when creating administrator accounts and selecting save passwords so a brute force dictionary attacks are not possible.
But most important: with the community being active and developing the framework further every day, also security issues are tackled with each update. Since version 2.7 an automatic update option is integrated into the back-end so again it is a pretty simple process to stay up-to-date. There is really no excuse not to update!