Penny Shima Glanz is our resident tech expert, and today she’s here to remind us that spring cleaning isn’t just for houses!
Spring makes me excited to finally throw open the windows and give the house a good cleaning after being closed up over the winter. I find it’s also a good time to complete a thorough site review to make sure everything is up-to-date, I’m not using plugins I don’t need, verifying my backups, and changing passwords.
It’s important to make sure that WordPress and all its plugin and theme files are kept up-to-date. Not necessarily so that you can have the latest and greatest features, but because many of these updates include small security patches to help keep you and your website safe. Should you care even if you are just a personal blog (at the moment)? Yes! Why? Your website is your reputation.
From my point of view it’s a huge challenge to maintain. My clients want the newest popular features to draw in new customers and site visitors. Each new plugin adds in a layer of complexity and also needs to be maintained. This trade-off between security and their website’s functionality means I do the best that I can to provide my clients with tools to understand and keep their sites secure. Sucuri wrote up a nice guide to Understanding WordPress Plugin Vulnerabilities.
Why do I review and remove plugins and themes I don’t need? Even if they aren’t active, it is possible for them to be used to compromise your site so you need to keep them up-to-date. One word of caution, please do not delete the default WordPress theme even if you aren’t using it, WordPress needs it installed. WordPress Housekeeping provides good tips on the clean up you can do for your themes and plugins.
Why do I test my backups? Databases and files can become corrupted. I want to make sure they’re complete. Sometimes a backup may not finish and I’ll have a partial backup that’s only short a few bits (that’s all that’s needed to make it incomplete). Or maybe I changed the password or the script that automates backups and it’s not running at all. I trust my systems, but I periodically test them so that I can continue to trust them.
Why do I change my passwords? While I advocate use of a password manager and keeping different passwords for different sites, I still advocate changing them every so often, especially for my financial institutions, email, server, and my database. Even if it’s difficult to guess, it doesn’t mean it can’t be compromised and even though the impact might be limited to that one account, it is a habit I find still relevant and useful. My friends at Sucuri explain passwords and security history and I first wrote about two-step authentication in April 2013.
I do this for my computer, too. I clean out temporary files I’ve kept for no good reason. Make sure photos and files are backed up. I uninstall programs I don’t need and I make sure that everything is up-to-date. I also use this time to give my keyboard and mouse a good wipe with a rubbing alcohol dampened cloth and a good blast with a can of air.
I like to use seasonal triggers to help remind me to do routine maintenance tasks.
Penny Shima Glanz is a computer scientist with a passion for information management and how we interact with technology. She started PennyWise Consulting, LLC to help solo and small businesses figure out how to make the most of their technology needs and budgets. When not wrangling technology she can be found knitting, snuggling with her cats and reading, or out on a muddy trail run at sunrise.