WordPress security is supported by professional open source community

I’m going to do just that. “It isn’t so!”

This quick post is borne from a series of recent exchanges with a client who has experience running his own Blogger (a.k.a. blogspot.com) blog, and who has inherited the oversight responsibilities for a website that I built 2 years ago with WordPress. Those of you who know the vast differenence in the purpose, professionalism and horsepower between these two platforms have already said, “Ah-ha! Here it comes. The ol’ ‘why doesn’t WordPress work like blogger’ story.” Some people, including my client, assert that WordPress is a weak platform for security because it is open source which means that hackers have easy access to the software to find holes and exploit its security.

I am in complete disagreement with this reasoning.

Certainly, WordPress is free and the bad-guy hackers have easy access to it, but let’s be realistic about the security of today’s cyberspace; hackers love a challenge and they can just as easily download pirated copies of any website design software they want. The fact that WordPress is a free, open source platform makes it actually more secure.

The reason can be summed up by the following quote:

“None of us is as smart as all of us” ~ Ken Blanchard

Most proprietary website software programs are designed by one company with a limited number of employees. And WordPress has a very small core group as well, but the community that works on the program to various degrees is massive. Thousands of people are involved in doing things like updating the software, creating plugins and making easy-to-use templates. It’s a huge community effort.

This means that as soon as there is a problem, someone finds it almost immediately. And when they do, the helmsmen of WordPress work hard and fast to solve the issue, and each time, they also release an appropriate new Security Update.

Compare that dedication to other companies whose updates are much less frequent, and whose community is much, much smaller, and you’ll see another true advantage and value of WordPress.

Here’s the biggest key to WordPress security: the webmaster.

You see, it doesn’t matter where you stand on the debate about open source versus proprietary software or whether or not you believe there is an evil, malicious group of hackers like Anonymous out to destroy your business. What matters is that the webmaster does a 100% complete job on the most basic of basic disciplines… making sure the client’s website is backed-up and making sure that it always has the latest software versions and plugin version installed. Without the webmaster doing his part, all the geeky smart, genious web developers in the world are not going to be able to prevent an intrusion into an outdated website.

That being said, and since the majority of small business owners act as their own webmasters, it pays to know what you are doing or to hire someone to do this vital task for you. And it really pays to pay for that ounce of prevention, when the cure can be very expensive. “An ounce of prevention is worth a pound of cure.” -Benjamin Franklin, founding Philadelphia’s first Fire Company in 1736.