One of the big news stories for the past few weeks has been the Panama Papers, the largest data leak in history which implicates dozens of people, including many world leaders, in offshore money laundering.
There is speculation that this leak might have been possible thanks to an outdated version of WordPress. The law firm who was hacked in this data leak, Mossack Fonseca, had a website that was running an old version of WordPress (as well as another site with an old version of Drupal), and even included outdated plugins with widely known security vulnerabilities. At this point, we don’t know how the hackers accessed the data, but outdated versions of WordPress and Revolution Slider are known to have vulnerabilities that are easy for hackers to exploit.
So why didn’t Mossack Fonseca keep their WordPress site up to date? I can’t even begin to speculate about that… but I do know from talking to hundreds of WordPress site owners over the years that the biggest reason people don’t update is that they are afraid an update will break their site. I often have trouble convincing people that not updating can lead to far worse problems than updating can. Every once in a while, it does happen that a WordPress update or a plugin update will cause problems on your site.
And that’s where a staging site comes in. You can test your updates on a staging site, and then you will know for sure whether an update will work, and you don’t have to worry about damaging your live site. Once you have tested your updates on a staging site, then you can confidently run your updates on your live site.
If updating WordPress and your plugins might seem risky to you, but just ask Mossack Fonseca – the consequences of not updating can be catastrophic. You can use a staging site to test your updates so that you never have to worry about an update breaking your live site, and you can keep your site secure.