The “update” update

update-websiteIf you’ve logged into the admin side of your site recently, chances are you saw a notice that a newer version or critical update of the framework you’re using is available, this is as true of WordPress as it is of Magento as it is of most other systems. If you’re like the vast majority of folk, you probably also ignored it.

Upgrading a site, even for those comfortable with such things, can be a time consuming and risky business. Risky because upgrades not only fix the security holes that have been found and introduce fab new, though not always useful, features, but can also break what’s there already.

There have been times in the lives of most developers when they’ve started an update and unthinkingly crossed their fingers. This is why we have staging servers to test upgrades first, and keep regular backups so roll-backs can be done if the worst happens.

One of the problems with updates is that they can fall into a grey area of responsibility:

Host company; a lot of hosts offer just that, hosting. That means your site will have a place to live, will be served to your audience and customers, but nothing else; often the host company don’t have the development expertise to perform the upgrades anyway. They’re more like the council charging an access fee to your property; you can’t use it without one, but they aren’t interested in that leak or broken window.  

Developers; it’s not uncommon for you to pay someone to build a site, and once it’s signed off, you’re on your own. Reputable developers will support their work for a few months, to allow any initial bugs to be found and fixed. What most won’t do, without an ongoing contract, is perform upgrades as needed. These are the builders who built the house initially, but certainly won’t come back for free to fix the roof or install better windows, even if they are safer.

SEO practitioners; most companies working in SEO don’t also have expertise in development and site management. This obviously restricts what they can do for your site, since the code and server play a big part in search engines opinion of your site, but is unfortunately it is common. This is the estate agent advertising your house for sale or rent; they will do all they can to make your house seem more desirable to potential customers, but fall short of actually making the changes that are needed to the house.

Site owner; what this means in reality, is that without an agreement in place from one of the above, you are left to either scramble up on the roof yourself, hammer in mouth, or to find and pay someone else to do it.

However, there is a reason that the above doesn’t make sense:

If you are hosting a site which is out of date, you are opening up your server to security problems. Any time in the hosting world and you hear of another site on the same server being hacked due to an out of date site leading to the whole server being blacklisted by Gmail or Hotmail as a source of spam, for example.

Security-breach-600x480For developers, your previous work is your portfolio, your CV, your proof of ability. If you have out of date or hacked sites, then this reflects badly on your business.

For SEO, a site being out of date, slow, or even worse being hacked, is a red flag to search engines that the site is not as good a source of information as it thought, and rankings suffer. This goes too for slow sites, so missing out on upgrades can mean missing out on easy SEO boosts.

We only host three types of sites;

WordPress, Magento, and static sites.

That’s because we are experts in these, and know how to look after, maintain, and upgrade them.

We only host sites we have built ourselves as we know these sites inside and out, and know them to be well built and secure.

The only exception to the self build rule we would consider is a site, built on one of the frameworks we know well, for which we are doing SEO; this is because it is so important to SEO to keep the site fast, up-to-date and secure.

If, for example, we host your WordPress site. We will keep it up-to-date, regularly installing new versions and patches of the core system and the framework for as long as any customisations are unaffected, which for a well built site should be indefinitely. This is at no additional cost. It benefits your site, it benefits our other customers sites, it benefits the SEO we do for you; it just makes good sense.

There is also a vaccine coverage side to this. It is profitable for unseemly characters to exploit security flaws as long as they are widespread enough; if we keep enough sites patched and up-to-date, we remove the incentive for them to exploit those sites which lag behind!

Whether you are a customer of ours or not, please make sure you stay up-to-date!