At first glance, the title of this blog entry may seem sensationalist. However, on April 7, 2015, the FBI issued a press release revealing that a group claiming to be ISIL / ISIS sympathizers were targeting WordPress websites.
You can read all the details in the official PSA, but suffice it to say, this is a massive WordPress hacking event.
Typically, the issue is that vulnerable sites are running outdated versions of WordPress, plugins, and / or themes. If you haven’t upgraded WordPress in the last couple months, you’re at risk.
You can probably upgrade your website yourself, or if that makes you uncomfortable, pay a professional do it.
If your website’s software isn’t too old, you are probably relatively safe upgrading WordPress, the plugins, and the themes yourself.
We recommend the following steps:
- Back up your entire website using BackupBuddy or some other backup plugin.
- Upgrade WordPress, all plugins with updates, and all themes with updates.
- Check your web pages and functionality to make sure everything looks right and seems to work correctly.
- Back up your entire website again.
Even if you leave the backups on your website for a while, be sure to download them so you have a local copy as well. If you’re using BackupBuddy, make sure you also save a copy of ImportBuddy by going to BackupBuddy > Restore / Migrate in your website’s backend menu, and make a note somewhere of the password you set for ImportBuddy.
Of course, it’s entirely possible you’ll run into errors, even if your website is relatively up-to-date. You may not have enough room on your account to run the backup (we recommend at least 50% free space as a rule of thumb), or your server may not be configured correctly for the backup plugin to work.
And even if there are no errors, it’s possible that when you check the pages and functionality, something might be broken. In fact, the older the software, the more likely that is to happen. But it could happen at any point.
If you run into any issues, contact your web host or website provider. While they may have to charge you for the time, they can take the proper precautions to make sure your website gets upgraded properly.
You may try to do it yourself and run into issues, or you may just decide at the very beginning that you want an expert to handle it. Whatever the case, you’re usually much safer having your web company do the upgrade.
If you would like to talk about us helping you, feel free to contact us.