With more and more people wanting a more personal control over the content of their website, designers are turning more and more to Content Management Systems, or CMS to help their clients get what they want from a website. There are many systems out there, including Joomla! and Drupal but perhaps the most common, or at least the best known, is WordPress – because of that, for the purpose of this article we will be concentrating on WordPress, but many of the points are just as valid for the other CMS systems out there.
This kind of site is ideal for non computer savvy clients as they require no specialist knowledge for the consumer to use them, the client can type into titled boxes much like typing into a word document or email, and with a savvy designer can be made to look pretty much however the client wants, as well as giving the ability to add various “plug-in’s” to add to the over all usability and appeal of the site – there are downsides though, these range from the ability to perform effective SEO on the site, to the possibly slightly more serious problem of software being allowed to go out of date.
It is vital that if you are looking at getting a CMS site made for you that you establish who is responsible for upgrading the software when the time comes? It is important that this is settled as otherwise it gets overlooked, with the client not being aware they need to do the upgrade, or assuming that the hosting company is dealing with it, and the hosting company assuming that the client will be doing it – this can cause real problems not just for the client (who may potentially loose their site), but the host company as well as it compromises the security of their server by leaving often important security updates uninstalled.
Why does it matter if the software goes out of date, it still works doesn’t it? Is something I have been asked several times, by all sorts of people – and the answer isn’t always straight forward. All the CMS systems are in simple terms a set of programs that allow the server to read a database to generate the pages that you can see in your browser. But all programmes can have bugs in them as it is nearly impossible to test every single way that the computer may interpret the data it is given. There are people out there who devote their lives to finding and exploiting these bugs, or “back doors” which allow them access into your website (or your hosts server) and allow them to create mischief.
So yes, technically the site may still be working, but there may be a gaping hole in the program that in theory could allow someone to enter into your site behind the scenes and install something to steal your customers credit card details, passwords, etc, or even change the whole look and focus of your site.
In my preparation for this article, I found that there are several videos out there, in easy access that show how to hack out of date wordpress sites in less then 2 minutes using easily obtainable software, and there are blogs that show there are at least 7 ways to gain access to out of date wordpress, but remember, although I am focusing on WordPress, this is just as true for other CMS systems.
All of the potential security issues and lost sales can be easily avoided if you just check what version of your CMS you are running, and ensure that it is the most recent version, if this is something you can’t do yourself, then contact your developer or hosting company and ask them to check on your behalf and do any upgrades that are needed. It may cost you money if you don’t have a maintenance agreement and that the designer/host takes the approach that the upgrades aren’t something that they should do as a matter of course, but on the positive it should make your site much more secure and less likely to have issues, and it is worth remembering that just updating the software after a successful hack doesn’t always work as there are often extra programmes called “back-doors” installed by the hacker to allow them back in again later.