If you have a website, be it for business, social or personal reasons and you are able to update it, then it’s likely that it runs on one of the major CMS (content management systems) such as WordPress, Joomla, Umbraco, Drupal or Expression Engine.
The CMS is the operating system to your website, its content and database and just like your PC tablet and mobile phone have an operating system, it too requires ongoing maintenance and patches to ensure the site remains secure, usable and ultimately safe to use. Unless you are an expert, it is advisable that you have your website fully managed and supported (such as with using OJE Assist for your website support) so that all you have to worry about is the content and promotion of the website (find out more here). With GDPR coming into force on May 25th, website security is now more important than it ever has been to date.
If you choose to patch the website yourself, then you need to set aside a large amount of time so you can upload all the files and ensure you have the skills necessary to test and fix the site if it breaks following a patch. You will also likely need to plan for site downtime which if you’re not sure what you are doing could end up being a number of days. You also run the risk of damaging your websites design and functionality which you have spent time, effort and money to build. Patching is the first step to keeping your site secure and so is essential to your websites long-term success.
25 Risks You Avoid with Continuous Website Support
If you choose to not patch your website leaving it unsupported and as it was when you first designed and developed it, then overtime you will ultimately face the following issues:
1. Your website will be insecure, not fit for purpose and will place your website users at risk of downloading malicious software, viruses and malware from your site.
2. Your site will become flooded with spam entries which will contain offensive content and links to malicious sites which will be uncontrollable.
3. Your sites load time will get slower and slower and become unstable and unusable.
4. Malicious images may appear throughout your site where you least expect.
5. Your site may become controlled by Botnets which may lead to your website becoming involved in cybercrime.
6. Your website could become hacked and defaced by an inappropriate image or message.
7. Credit card details, user accounts and other sensitive information may be stolen.
8. You may find yourself in breach of the data protection act (DPA) for not securing personal data.
9. Your site will come under continues brute force attack until it is broken and unauthorised super admin access is gained likely without your knowledge.
10. You may need to rebuild your site from scratch as it may be completely unsalvageable following a major hack.
11. Your business image, trust and professionalism will be greatly damaged.
12. Your hosting provider may decide to terminate their hosting services as it will affect other customers of theirs.
13. Your site will not work on the latest browsers and will become unstable.
14. Your site may begin placing malicious popups onto your web pages which force users into entering personal data unknowingly.
15. Your website functionality will begin to fail and no longer function as expected causing loss of business.
16. Your website will fall down the search engine rankings such as in Google or in Bing.
17. Your website may become cloned and used elsewhere which can damage or destroy your brand.
18. You may experience thousands of bogus comments which contain offensive language and links.
19. Your website may become ‘trolled’.
20. You may lose complete control of your website and have your super admin login details altered to prevent you from even fixing the site in the first place.
21. Your contact forms may stop working and result in loss of business or contact details.
22. You will experience a large amount of website bugs which may become unmanageable.
23. Your site will begin to show numerous 404 error messages.
24. Social media integrations will break and your site will drive further scrupulous traffic to your other communication platforms.
25. Your site will experience a DOS (Denial of Service attack) and force it offline.
These are just some of the dangers facing an unsupported and insecure website and it’s not just the CMS patches which are required.
You Need To Do More Than Just Patch Your Website
Even if you leave your website fully patched this does not mean that it is secure. In fact, if you are operating from a shared server, then there is nothing stopping other users from other websites going through a back door and attacking your site. This is why it’s becoming more and more important to function from dedicated platform to prevent the risk of a back door attack. On a dedicated platform bespoke security settings can be set which attune to the CMS being deployed and used. There is no such capability on a shared server.
As well as operating from a secure server, you need to ensure that the server hardware is kept up to date along with the software which is used to manage the server such as cPanel or Plesk and WHM. These too cost money and licensing, but without it all you would have is slab of metal. If the server is kept un-patched then this too would make your website vulnerable to attack.
You also need active firewalls and active security software running on your website too, which protects against brute force attacks and unauthorised entry by blocking IP addresses after a certain period of time and other features.
Given that CMS are so widely used at OJE we also protect against standard entry points to protect users further and to protect the website’s integrity at all times. We also provide custom security software and plugins which further strengthen the standard CMS defences.