Website Security Pillar 3: Keep Your Software Updated

It's day 3 of our website security series for this week, in tribute to Cyber Security Awareness month this month.

Pillar 3: Keep your software updated

Keeping your tools and equipment maintained is necessary no matter which business you're in. Websites are no different - they need software updates on the regular.

Some platforms update your website software for you as part of your subscription - like Wix, Squarespace, and GoDaddy Builder.

WordPress websites, including Showit websites with a WordPress blog, are a different story.

The WordPress software universe includes plugins, themes, and the original software. And all of them need regular, consistent updates.

One of my favorite tools, iThemes security, releases a bulletin every Wednesday of the latest vulnerabilities found in the core software, plugins, or themes.

Installing the latest update for the software solves most problems, but if not, the plugin or theme should be uninstalled and deleted until a later update fixes the issue.

Most plugins, themes, and, yes, the core software - wind up on the vulnerabilities list at some point. That's why updates are critical.

According to, outdated plugins cause 90% of known security issues where someone who shouldn't have got access to the site.

Some other platforms, such as Shopify and BigCommerce, have themes that may need to be updated as well.

Choose quality software

The second part of this pillar is choosing quality software to start with.

Only install WordPress plugins that have been updated recently and have an overall good rating from reviewers. Check the reviews to ensure the recent ones don't show a decline in the plugin's functionality.

For other website platforms, if they offer apps, check their reviews, ratings, and the app website (if there is one).

And try to make sure each app is critical to the function of your site.

Finally, remove apps, plugins, or themes you don't use so they are not a security risk.


Links to the other pillars of website security:
Website Security Pillar 1: Know Your Information
Website Security Pillar 2: Develop Good Password Habits
Website Security Pillar 4: Keep Good Backups
Website Security Pillar 5: Limit Access to your Site


Leave a Comment