WordPress is an open-source product which means that the code is visible or “open” to the entire world. The benefit of open-source is that everyone with an idea can contribute to the development of a new feature of the product. But, the downside is that malicious people can look through the code for exploits or vulnerabilities. It’s the double-edged sword of open-source.
Fortunately, WordPress has come a long way and has an amazing team of core developers that oversee the development and direction of WordPress as a product. They are the ones that release updates which are most often fixes for bugs, security vulnerabilities or performance issues (much like the updates you receive for Windows, iOS or Android).
When the WordPress core team releases an update, they are doing so to protect every instance and user of WordPress. However, at the same time, they are also publishing a change to the open-source code within WordPress. When an update is released, the tech world is effectively notified of a potential vulnerability that might otherwise only be known to a small group of insiders. This means hackers can immediately start to take advantage of a given vulnerability before the owners of WordPress websites have the wherewithal to complete an update. All of our clients get same-day (sometimes same hour for critical releases) updates to the WordPress core.
Our Security and Performance clients get an added benefit on top of the same-day WordPress core updates. Third party plugins are not managed by the Core Team at WordPress. So, this sometimes creates security issues if the developers of these plugins do not keep their code up to date (especially if an update to the WordPress core has exposed a vulnerability that affects a given plugin or category of plugins). So, we first ensure that our clients are using best-in-class plugins for a given feature or requirement. Then we ensure those plugins are also updated the same day that an update is made available.
Themes are also developed by 3rd parties and can sometimes create additional security holes that we cannot mitigate without rebuilding a site from the ground up. So, this service is only available to our top-tier clients who are using a theme that we have reviewed, approved and configured. Like our same-day WordPress core updates and our WordPress plugin updates we ensure that our clients themes are updated as soon as a new version is released.
Contact forms in WordPress websites have a notorious reputation for suddenly not working. This can be caused by a number of issues from a broken plugin, to a core update to WordPress to some changes in the mail server settings. We test contact forms after a core update and after an update to any plugins used to build or manage forms in WordPress websites. This ensures that our clients do not miss any inquiries submitted to their business.
For our top-tier clients, we offer unlimited WordPress issue troubleshooting and debugging. No request is too big. If you’re WordPress site is not performing the way you’d like it to, we will look into it. If it’s a bug or error that resulted from an update, we’ll fix it at no additional charge to you.