Volunteer Patrol Squad

[jensen]

The Sucuri security company has published their Q1 report for 2016 and the excerpt below shows how CMS has become an unintended problem.

This user adoption however brings about serious challenges to the internet as a whole as it introduces a large influx of unskilled webmasters and service providers responsible for the deployment and administrations of these sites. This assessment is amplified in our analysis, which shows that out of the 11,000 + infected websites analyzed, 75% of them were on the WordPress platform and over 50% of those websites were out of date. Compare that to other similar platforms that placed less emphasis on backwards compatability, like Joomla! and Drupal, the percentage of out-of-date software was above 80%.​

Source: https://sucuri.net/website-security/website-hacked-report

Can you believe that they need a study to show us how lazy people can be - 80% out of date CMS.

Suggestion - x10hosting volunteer members to go patrol x10hosted sites and send a reminder to those who are using out of date software. LOL. (just realised that I don't even know how to do that.)

 

[Corey]

The amount of time needed would be very high to do this, we have a lot of sites .

A couple years ago we wrote a script that crawled the server looking for outdated scripts and sending warnings out, the only thing it did was increase the support volume with the majority of people ignoring the warnings. We've considered forcing auto updates on but this can lead to broken websites when an unexpected update hits. For now we're relying on our server side security to bridge the gap but it's definitely something that needs a better solution.

 

[Dead-i]

It's also worth mentioning that if you use Softaculous, it notifies you in cPanel when there's an update, though I expect many of those notifications are, sadly, ignored.