Websites have changed dramatically in the last few years. The majority of websites today are complex creations with databases and executable code. Gone are the days where a website was statically coded and manually updated. Today, most websites are build on a Content Management System, or CMS. The most popular of these is called WordPress.
As WordPress has gained in popularity with website developers and owners, it has also gained a following of hackers bent on finding holes in the security of WordPress websites. Don't let this dissuade you from considering the WordPress platform for your new website. The WordPress community and developers do an excellent job of patching and releasing fixes to the WordPress core. The key for any owner of a WordPress website is to run those updates when they become available.
For any websites we have built in the last couple of years we install some monitoring tools that report when there are updates ready to be installed. This includes both the WordPress core and all plugins. We do this as a courtesy to our customers to help them be more secure. If you have seen the emails from our office alerting you to pending updates, that is what I am talking about.
It is up to you, the website owner, to login and run those or have someone do them. While a few updates will run automatically, the vast majority need to be triggered. You should also check the site after each update to ensure there was not a conflict or bug introduced.
Our monthly website maintenance service includes our team monitoring, updating, and testing your site for each update to both the core and plugins. We perform those tasks proactively and report to you on their completion. We can update your WordPress site without a maintenance agreement as well – all you have to do is ask.