Why Website Updates are Mandatory
Each year updates are needed to keep your website working its best, and to keep it safe and secure. The updates your site needs will vary according to the changes made over the year to web standards, web browsers, mobile devices, and, most importantly, to attempt to close any potential security holes which may leave your site open to attackers and hackers.
Websites need maintenance, just like cars
Websites need maintenance, just like cars do. When you purchase a new car, you drive it around, have some fun, show it off, and don't think about its needs too much at first. After a certain amount of time and miles, you bring it in for an oil change, rotate the tires, change other fluids and filters, change out the belts, wash it, maybe even get it detailed. Generally this type of maintenance will help keep your car running smoothly and will provide reliable transportation.
Now imagine that you do NOT do the regular scheduled maintenance to your car, and instead wait 5 years to do anything. Your car will most likely be running poorly (if at all) and will need a ton of work, which will most likely cost more than it would had you done regular maintenance. A website is just the same, needing regular scheduled updates. The longer you wait, the more likely your site will be working poorly and will cost more to overhaul, and the more likely it is to have major issues.
WordPress Website Updates
For content management websites using open-source platforms, such as WordPress, the cost of updating your site generally depends on the theme and plugins you use, your site’s functionality (eCommerce, etc.), how customized the features, functions and design of your site are, and how long it has been since your site was last updated.
If updates are done, the site will continue to be seen as intended in newer browsers and mobile devices, will have heightened security, and will, most likely, run a bit faster. If updates are not done, some elements of the site may not be working correctly in certain new web and mobile devices, or in newer versions of desktop browsers. Most importantly, any bugs and security loopholes that have been found since your site was last updated, in any elements that your site utilizes, are much more likely to be exploited by hackers and attackers. Failing to update your site leaves it extremely venerable to attacks.
Don't Update Your WordPress Site Yourself
Some updates may break your site, create conflicts between site elements, and/or write over customizations, if not done properly. If you choose to attempt to update your site by yourself, please be aware that the process is usually considerably more complex than clicking on the automated “update” buttons, which simply writes any available new, updated, files over your existing site files. If you make a WordPress update by yourself, you may very well shut your entire website down. Some fixits to incorrectly updated sites have cost upwards of $500, in addition to the other work that needs to be done, because the site was updated incorrectly by the client. Please be 100% sure of what you are doing before you click “ok” or “update.”
What to do if Your Website Has Been Hacked
If your site is infiltrated by a malicious attacker, it must be restored from the most recent “clean” backup, or manually cleaned of whatever attack has infected the site. This process can be very time consuming, in the event of a complex hack. While it is, theoretically, possible for a site to be hacked at any time, leaving your site running old versions of WordPress, theme cores, and plugins, is like leaving the doors and windows to your house open. Your house may still be broken into if you lock the doors and windows, but it is, certainly, less likely.
If your site has been flagged as a "malicious" site, and your web browser displays a safety warning when visiting your URL, it is extremely important to "take down" your site, and do your part to stop malware. Until your site is clean of malicious attacks, it should not be accessible on the internet.
eCommerce Website Updates
If you have an eCommerce site, keeping the site up-to-date becomes even more critical. As an e-merchant, you are responsible for the safe transfer of the payment information of your clients. Leaving an out-of-date eCommerce site on the web is not only irresponsible, but likely violates the terms of your Merchant and Gateway agreements.
Update Your Passwords At The Same Time
Additionally, during this time, I recommend updating all passwords, which your web developer can help you with at the same time.
Updates are needed every 6-12 months. Updates are required by your web hosting provider, are essential to keeping your site running smoothly, and are mandatory for the security of your site. YOU are responsible for asking for updates to be done on your website. Contact your web developer to get a regularly scheduled maintenance contract.