Using WordPress? Your Business Could be at Risk.

By: Andrea Lotz Monday January 12, 2015 comments


Many people hail WordPress as the savior of small business in the internet age.  After all, doesn’t it provide an inexpensive way to create and host a website?  Doesn’t it give you all the tools you need?  Doesn’t it manage all your content?  Isn’t it safe?  Doesn’t it do the job?

Is it safe though?  And does it do the job?  And is it really that inexpensive?

Here’s the thing about WordPress: it can only offer everything it does by having an opensource core.  Every one of its plugins are opensource as well.  This means that the plugins and themes are written by thousands of individuals around the world.  All with varying levels of programming proficiency and attention to security issues, not to mention ethical standards.  This has a couple of important consequences that small business owners need to be aware of.

Your Website is Not a Unique Snowflake

Many small businesses are able to quickly set up a functioning website by hiring a web developer, who creates a site for them.  Since anyone can access all that opensource code, it is quite common these days for a web developer to take advantage of all the free software.  Many now create a bunch of cheap websites by stringing together random collections of various bits of code written by people from around the world into a WordPress website, a la Frankenstein.  They do this because it is much, much faster, cheaper, and easier than writing new website code themselves.  

Your Website is Not Secure

Since all of these various plugins and themes are written by different individuals, they don’t always get along.  When mixed together in the same environment, they can conflict with one another.  That can be worse news than you might realize.

The combination of 2 different code sources can result in a new security hole that neither plugin or theme individually would introduce.  How can you be sure that your information (and your customer''s) is secure.  Since 22% of WordPress hacks are a result of plugins and 29% are from themes, I’d be careful.  If you use free plugins and themes, they could be vulnerable or even designed to fail.

Hosting is another huge source of hacks – about 40% when combined with computer viruses and malware.  Here’s what that means:  Many small business websites are hosted with the cheapest web hosting available.  They are inexpensive because the server companies combine thousands of websites onto one server.  This means that if any one site in the server gets hacked, the others may now be at risk.  

Your Website is a Target

Hackers know how many people use WordPress (it hosts about 1/6 of all sites on the web).  You might think that WordPress’s popularity means it’s safe.  In fact, because it is so popular, hackers are continually hacking into WordPress websites.

Why do they do this?  For prestige, to steal information and data, to put you out of business, to put spam links on your site, or just for the challenge.  Only 8% of those hacks are from user error – that is, weak passwords.  The rest come from the nature of opensource coding.

Whatever the reasons, these hacks are costing website owners hundreds of thousands to repair each month.  On average, there’s only a 75% chance of fully recovering, and it will take three days and at least $100. 

Your Website is Not Supported 

WordPress does not have a phone number to call for support.  There isn’t even any one person directly responsible for making sure it works.  WordPress is open source, meaning thousands of random people create it and contribute - but there is no central entity to take responsibility for errors and problems.  There’s no one to make sure you’re getting the most out of the software.

This means that you, the user, are responsible for keeping your software and databases up-to-date and secure.  You’re responsible for backing up your information.  You’re responsible for installing security plugins.  WordPress websites must be backed up and updated by the site owners or developers, and never by WordPress itself. 

A lot of things can go wrong during updates.  If you update your WordPress version, some of your plugins may stop working, because they’re incompatible with the new version of WordPress.  So then you have to update all your plugins – and there may or may not be a current, updated version available of each plugin.  For this reason, many people choose not to update their WordPress version at all.

But this is a huge security risk!  With so many hackers targeting WordPress, having an outdated version is like leaving the door wide open.  In fact, these issues are posted of all the security vulnerabilities of old versions on forums and website all across the internet, including right here.

Just last month over 100,000 WordPress websites were hacked, you can read more about this here.

Business owners who don’t have the know-how to do their own updates are most at risk.  Even those who do often are unable to fix a website that no longer works after an update.  Most hire web developers to do updates or to repair websites, and those services aren’t cheap.  Many “free” WordPress sites cost $300 per month or more in maintenance fees paid to web developers.

You can read another article about the problems with WordPress in this article from

Starting to sound a little less easy?

There are other inexpensive, easy ways to get a website hosted, and you’ll probably find that they offer more useful features at a lot less risk.

AllProWebTools is centrally managed.  There is a company staffed by people in Colorado, who are available during regular business hours, available to provide support.  This team is constantly watching for bugs and security issues and patching vulnerabilities immediately.  

Patches are universally applied instantly to all users - there is no need for users to download anything or configure any new security updates.  All of the code is closed, so hackers do not have access to view how it all works.  The code is all centrally managed by the company, and security protocols and rigorous testing are put into place to ensure that new code is free of issues.

AllProWebTools is hosted in the Amazon cloud and utilizes the Amazon cloud''s great infrastructure for redundancy, failover, backup, firewalls, and archiving to ensure the security of our business customers’ sensitive data.  The Amazon cloud is host to many popular website services such as DropBox and Netflix.

Reduce your risk and focus your attention on running a successful small business by using AllProWebTools.

Andrea Lotz

About the Author: Andrea Lotz

Andrea is the resident writer for AllProWebTools. She loves to write about just about anything, especially small businesses, sustainability, and whatever is new and upcoming on the horizon.  She lives in Fort Collins and spends her free time cycling, welding, cooking, and playing ukulele. 

Find on Google+




Pricing Calculator

Pricing Calculator

Total: $10 monthly