{"id":2086,"date":"2014-06-16T15:41:35","date_gmt":"2014-06-16T21:41:35","guid":{"rendered":"http:\/\/www.whitefirdesign.com\/blog\/?p=2086"},"modified":"2014-06-16T15:41:35","modified_gmt":"2014-06-16T21:41:35","slug":"managewp-shows-lack-of-concern-for-security-by-running-insecure-version-of-wordpress","status":"publish","type":"post","link":"https:\/\/www.whitefirdesign.com\/blog\/2014\/06\/16\/managewp-shows-lack-of-concern-for-security-by-running-insecure-version-of-wordpress\/","title":{"rendered":"ManageWP Shows Lack of Concern for Security by Running Insecure Version of WordPress"},"content":{"rendered":"

When it comes to the security of websites, what we see over and over is that the basics are not even being handled by people that shouldn’t have a problem doing it. If you are running a WordPress website then part of Security 101 is keeping WordPress up to date, as it prevents your website from being hacked due to a known vulnerability in an older version of WordPress. Unfortunately, that isn’t being done in many cases as can been seen in the fact that\u00a0only 40 percent of WordPress websites were running the latest series of WordPress in the data set we looked at\u00a0in March<\/a>.<\/p>\n

You would think that providing better management tools would help this situation, though the example of one of the providers of such a tool would say otherwise. ManageWP describes its services as providing you the ability to\u00a0“Manage all your WordPress sites from one place – including updates, backups, security and more.” You would certainly expect they would be keeping the WordPress installation powering their website up to date, but they’re not:<\/p>\n

\"ManageWP<\/a>WordPress 3.5.2 is over ten months out of date and there have two subsequent releases with security updates (3.6.1<\/a>\u00a0and 3.8.2<\/a>).<\/p>\n

ManageWP’s failure to take handle a basic security task is sharp contrast to their claims of security. For example, they claim<\/a><\/p>\n

Securing ManageWP and the sites we interact with has always been our highest priority. We use state-of-the-art encryption and security standards that go above and beyond what WordPress, itself, offers, to ensure that your sites are protected.<\/p><\/blockquote>\n

On another page<\/a>\u00a0they make a series of claims about their security:<\/p>\n

\n

How ManageWP Is Secure<\/h2>\n