WordPress is very easy to use but sometimes it’s to easy. You can install a new WordPress plugin is just few seconds and even change your entire website design is just a few clicks.
But every ever wonder if the new plugin that you have just installed is a treat or a trick?
We have talked a lot on plugins security from the eye of the developers but in this special Halloween post we want to talk about your website security as an owner.
WordPress plugins are powerful and you can find many new plugins released every day into the WordPress plugin directory, but here is a fact that you probably don’t know about the WordPress plugin directory.
Anyone can submit a new plugin to the directory and no one really check it.
Now I know your would say that the WordPress team review every plugin but, the team only review the first plugin version that you send, and a plugin developer can upload a new version of the plugin and no one really is going to check it.
Now imagine if the new version has security issues or even worse, may the plugin developer has intentionally injected some backdoor code that will be able him to control your website completely.
You are probably asking yourself why would a plugin developer will add this kind of backdoor code in his plugin that will able him to control my website.
The answer is very simple it’s all about the money.
If I as a plugin developer can control a website, I can inject links and even alter the content of the website, I can drive traffic to a specific offer or product or even simpler I can sell the links from your website to anyone that want incoming links to his website.
Scarry? No so much you can easily solve it. here how you as a website owner can avoid it:
- Don’t install a new plugin unless you are familiar with the developer or you have read a lot of good reviews on the plugin inside the WordPress codex.
- Check the plugin developer website, if he is serious about his work he will most likely have a website behind is his plugins
- Do a daily backups of your website so if something is going wrong you can always return tor previous state.
- Don’t install too many plugins, install just the ones that you must have and remove all the other from your website installation completely – don’t just deactivate them, delete them!
Follow these tips and you will have a more secure website with less worries.
“Just wanted to let you know that the plugin is working great and incomplete registrations have gone to zero! I’m definitely going to do a review of the plugin and get it for my own site.” MaAnna Stephenson BlogAid.net
“Bob Tolbert’s Wish List Member plugins have made life easier on us by automating processes that would normally eat up a ton of admin time. I especially appreciate Bob’s quick response time and customer service. Fact is, our membership website would not function without these plug ins.”
Michael Burwell TheHangoutHelper.com
“This plugin is the best way to supercharge your membership signups. I was especially impressed by the developers prompt customer service!” Stan Smith PushingSocial.com
“The Wishlist Auto Registration plugin is really great, I love it! And the support you guy’s deliver are really outstanding! Thank you so much!” Johan Skalberg kalisikaran.info
Add your opinion to the discussion