Keep Your Site Updated, Or Bad Things Can Happen

We don't like to be fatalistic, but bad things can happen to your site if you aren’t committed to keeping it updated. What kinds of bad things? There are several common types of hacks that could take control of your site, compromise private data or shut it down altogether.

  • Malware - infects your site with intent to cause harm
  • Adware - a type of malware that loads and displays ads on your site
  • Phishing - steals user logins to gain access to password protected information
  • Content injection - malicious commands or links injected into your site 
  • Defacement - editing or replacing the content of your site

Beyond the damage to your site, infected sites may be blacklisted from Google. And Google may also slap a scary red warning on your site for good measure.

Protect Your Website From Hacking
Neglecting Updates Invites Deep Hurting

Really, any of these outcomes would mean a really bad day for your organization. And all sites, big and small, are potential targets of attack. 

Who Wants To Hack My Site?

Many site owners believe their sites are too small to be the target of an attack. That’s not true, because most hacking these days is accomplished by bots. Automated bots troll the internet looking for easy targets. They are indiscriminate about the type of site they attack: large, small, old, new, nonprofit, educational, personal or corporate. If your website has a weakness they can exploit, they will.

How Do Updates Protect My Site?

Your website is built from code. Most sites depend on a software framework known as a Content Management System (CMS) like Drupal or Wordpress, plus modules or plugins. Code is complex, and weaknesses are exploited by hackers to attack sites. However, as exploits come to light, code ‘patches’ are developed to close them. Those patches are made available as updates to your CMS, modules and plugins. Installing updates closes these known loopholes and improves the security of your site.

What Effort Is Required?

Depending on the size and complexity of your site, it usually takes a couple to a few hours each month to keep your site updated. The approach we take for our clients’ sites is to apply all core and module updates, unless they are feature-breaking. In our experience, making security updates alone is not enough. Eventually the site becomes woefully out of date and at that point even applying security patches can break it. 

Always. Apply. Updates.

Once hacked, it can take a week or more for a skilled developer to clean and fix your site and get it live again. Read more about the process in Tess Flynn’s post. Granted, it’s not possible to completely hack-proof your site. It is another example where an ounce of prevention is worth a pound of cure. (Benjamin Franklin said that eons before the age of internet!) To this end, we heartily recommend taking a proactive approach to support and maintenance from the moment your shiny new site is launched. If you remember nothing else from this post, make it this: whether you do it in-house or hire a firm to help you, always keep your site updated!

Read More

Madeleine Lowry

Technical Project Manager
Madeleine Lowry

Madeleine is our queen multitasker and copious list maker. Clients love that she intuitively senses their urgency and needs while minding their budgets; developers dig that she keeps them challenged but not overloaded. She’s a particularly gentle PM with a calming presence. Madeleine uses her business background to contribute to big-picture marketing and strategy for clients as well as the home team. She founded Southwest Coder Dojo, where teens learn programming, but she believes that kind of work should be left to the real code wizards. Madeleine has often reinvented herself professionally, but her love of food and polka dots stays constant.

Jillian Tutterrow


Jill left a career in public education to create websites and is now a front end developer who also works to keep client sites updated and running smoothly. She’s one of those ridiculously nice, kind and genuine people who’s loyal to her team and her family. She’ll happily do the kind of hours-long detail work that makes other people groan, and she’s willing to fix any weird site challenge that gets thrown her way. Jill seems proper and refined but she’s all rock and roll underneath. Outside of work you’ll find her skateboarding, crossfitting, hard-core gaming, and finding typos on restaurant menus.

Tess Flynn

DevOps Engineer
Tess Flynn

Tess is TEN7’s Swiss Army knife. She’s an ever-present force in Drupal and a frequent speaker at events, where she's known for comic book-style illustrations in her presentations. Her superpower is problem-solving—she’s always finding ways to improve a site’s infrastructure and efficiency, and she has the rare ability to look holistically at a situation through human requirements, not just those of technology and business. She also loves sleuthing out the source of hacks, especially the ugly and ingenious ones. Tess has encyclopedic knowledge of horror/sci-fi ranging from schlocky and campy to highbrow. She loves Star Trek, where the engineers use their skills to help people.