WordPress is a free, open source, CMS (Content Management System) which can be customized to your preferences and requirements through the use of plugins and themes, be they free or paid for. The files that make up a WordPress site are not encrypted or hidden, they can be read and analyzed for potential exploit by those trying to get into a site. Unfortunately there is no real mechanism to fully prevent this. The best defence is to keep your site up to date and secure to reduce the chance of exploitation or hijacking.
Website development and hosting, regardless of the service provider, does not normally get you continued updates after the initial site setup and launch. Even if your hosting service includes automatic updates, you may still have issues with your site. Sometimes plugins and the site’s theme may not work properly after an update, or an update could take your site down altogether due to some conflict, especially since both are written by completely different parties.
This is where the Caorda WordPress maintenance plan comes into play. Your site’s security is as important to us as it is for you. As part of maintenance plan the following will be implemented on your site.
Maintenance Plan for all WordPress Sites
If your website is running on WordPress, be it in Caorda’s hosting environment, your own environment or hosted at another provider, your website will benefit from the following maintenance actions.
- A DEV/QA copy of your website will be set up in our QA environment so that we can test all updates prior to their application in production. This allows us to catch any conflicts and inconsistencies before applying updates to your live site, repairing them before we proceed with updates in your production environment.
- Through the use of plugins like SolidWP (previously iThemes) your WordPress core, plugins and themes will be monitored, alerting us if any exploitable features have been found and reported, prompting remediation procedures to start.
- Outside of exploit notifications, we will also apply updates to your website every month and send you a notice of all the updates applied.
Maintenance features if you host with Caorda
If your website is hosted within Caorda’s infrastructure we take additional steps to secure your website and lock down all core, plugin and theme files to read-only states. This prevents any un-patched exploits from being used to modify your site files or to place new files within your site structure.
Your site will still perform as normal with the files locked and you can still add new content and media to your site.
This does prevent you from manually updating your own plugins or adding new ones as the files are read-only. If you need to add or update a plugin/theme, reach out to Caorda Support and we will unlock your site’s files so you can proceed with your changes.