WordPress is a great website platform because it’s intuitive to use and gives you a good-looking website. However, one of the best things about WordPress is that it is open-source. What does “open-source” mean? It means that the code that WordPress is built on is available to anyone to do with as they please. The reason for this is because WordPress encourages users – Joe Website Developer next door – to make the software better. They encourage them to create new functionality for WordPress called “plugins.” Basically this is like building a house, and then providing the blueprints to anyone who wants them with this challenge: Improve on what we have here. Make an awesome addition to the back of the house that people might want. Develop an incredible patio with a firepit and built-in grill with a bar.
So plugins are wonderful things for a wordpress site, and there are thousands of them: Online calendars. Email contact forms. Plugins that help search engine optimization. However, the downside of this developer’s paradise is that this open-source can be used for evil as well as good. Developers who have a chip on their shoulder for whatever reason can study the available code and use its weaknesses to hack into a WordPress site and do some pretty horrible things, like take over the site completely or stealthily place some links to another website in the website content, which benefits that other website’s search engine rankings. I recently witnessed an example where a site was hacked and malicious code was placed on the site to the point where it brought the server down.
Because of this, WordPress and plugin developers come up with code updates on a regular basis to thwart this problem, and this seems to work well. These updates require downloading the code, installing it on the site, and then testing the website to make sure everything is working well. As long as this is done on a regular basis, there should be no problems. I do this for my Black Lion clients regularly and haven’t had any issues.