Many websites, these days, are running on outdated software (scripts). Here at LHS, we see sites every day that are running outdated versions of scripts. We are contacted regularly by people whose site has been hacked by some unknown perpetrator. Sometimes, the site simply displays some message stating that the site has been hacked. Sometimes, it is a bit more malicious. Many times the client will not know their site has been compromised until they get a notice from their anti-virus software when they visit the site. In those cases, the site is probably being used to spread malware to people who visit the site or web page that is infected. Sometimes, a site will be infected for a long time and nothing seems wrong.
We try hard to educate our clients on the need for regular site updates, backups, and upgrades. We even offer services to help you maintain your site and keep it updated and backed up, in case of an issue. It is not something that most people want to think about, but it is an ever present reality.
Who Is At Risk?
Any site is vulnerable, but sites that use lots of scripts, to run and function, are at a greater risk. If your site is built on a Content Management System, or CMS, such as WordPress or Joomla, the risks are even greater if you allow those scripts to become outdated.
As hackers find ways to exploit these scripts, the script writers will generally offer security updates for their scripts. So, for instance, if your site is running version 3.6 of WordPress, you are much more vulnerable that the site running the latest 3.8.1 version.
Unfortunately, in this case it is not only a weak link for your website, but can be a doorway into any site that is hosted on the same server as yours. Most websites are hosted on shared servers with hundreds of other sites. The overall server security can be compromised by one unsecured site. Again, we try to educate clients on the value of strong security including secure passwords, up to date scripts, and site scans and firewalls. This affects everyone.
If you are concerned about the security of your website, feel free to contact us for a free security evaluation. We will be glad to help.