December 2016 Maintenance and Security update

WordPress 4.7 was released on December 6. We haven’t seen any compatibility issues yet, but we are still planning on waiting to update until sometime in January, as per our policy to wait at least a month before moving to a major WordPress update.

We anticipate 4.7.1 being released sometime in January, so we will likely wait for that, as there are no security issues, but some bugs we want to be resolved.

If you’ve not heard of “ransomware” before, this article discusses it, but it also talks about something even more insidious. Basically the ransomware locks a PC demanding payment to unlock it; however, a 2nd option is presented to the user: instead of paying the ransom, a user can attempt to infect other PCs! And the ransom amount from this case amounted to over $700, so some people will be tempted.

As we’ve written about before, here are the best ways to stay free of problems:

  1. Have strong passwords
  2. Don’t use the same password for multiple accounts
  3. Have antivirus running, especially on your PC
  4. Keep your software on the PC and phone up-to-date
  5. Backup regularly just-in-case
  6. Avoid clicking on links in your emails – use your common sense.

This is REALLY important as even big companies get breached, such as Yahoo’s recent disclosure of more than one BILLION accounts getting hacked!

Another example is Sony Music’s twitter account was hacked and tweeted out “Britney Spears is dead”. If this type of hack happens to you, and you have shared passwords, then they have the password to other accounts. Please don’t use the same password for multiple accounts.

security on laptop smaller 300x210 - December 2016 Maintenance and Security update

For your website, we are strongly considering two additional measures for protection. While they are inconvenient for you, they have proven to be very effective in preventing unauthorized logins:

  • Force you to change your password every 90 days (very likely to implement)
  • Force you to implement two-factor authentication

Sometimes we see large hosting sites have major network outages with major downtime. Bluehost has had this happen a couple of times, and most recently it was down for 12 hours in December. That’s one hosting company we avoid using. However, it can happen. Just in case it does, we have offline backups we can use to restore a site.

Any questions or needs you might have, just send us an email or give us a call!