The security of your website and its functionality is very important to all of us at Optimized360. We have years of experience working with WordPress plugins and have seen how an unapproved plugin can negatively affect a website, damage your local computers and of your patients and cause thousands of dollars of damages to a website and its users. It may not seem obvious, but, a plugin can be a gateway for a hacker to attack any computer that visits your website.
We take the safety of your website and your visitors very seriously. Many requested plugins simply do not pass the minimum security and compatibility requirements needed to be installed on the server and on your website. We understand that you may need the functionality of a specific plugin and that is why we research the marketplace for you and can often recommend and install alternatives that you can consider.
The following is list of what we check to determine if a plugin qualifies to be installed on your server:
- The author of the plugin
WordPress allows anyone to write a plugin for its platform. There is no quality test or minimum security requirements or a meaningful check for plugins. That is something that is left to the users. Many of the plugins for WordPress are written by individuals, hobbyists, and/or small groups with a focus on short-term financial gain. These plugins are often not written well, are not tested for security and vulnerability and are not updated regularly. Also, they do not go through a standard Alpha, Beta testing processes that are customary for any reputable installation of software. Therefore, we evaluate the author and determine if there is a viable business model behind the program that you can rely on going forward.
- Minimum number of installations
Since many of these plugins do not go through the standard Alpha, Beta testing phases, it is simply logical to make sure that the program is at least tested by a few thousand users before it is allowed to reside on your website. Your website is not the place for newcomers and experimenters to the programming world to test their products.
- Security tests
One of the most important factors in determining the quality of a plugin is their capability to pass standard security tests. Because there is no third party that approves such plugins, we offer that security qualification to our clients at no charge. We want to make sure that any software is tested thoroughly. Many plugins come in a beautiful wrap, with a list of impressive functions, but, are an open gateway for hackers to steal your information and damage your website. The same reason you would not want to install an outdated copy of Windows XP on your brand new computer, you would not want a questionable plugin on your website.
WordPress is updated continually. Plugins that are written by non-professional authors are not. If a plugin does not have a good record of keeping up-to-date with the latest version of WordPress or worst, is not even compatible with the current version, that should not be trusted on your website. We make sure that you are protected against plugins that may seem very interesting to use but are not updated and tested regularly.
- Interference and adaptability with other programs
Sometimes plugins are written but not tested alongside other known and reputable plugins, themes, and programs. The plugin may seem OK by itself, or work on a specific website, but, it creates issues alongside other plugins, themes, and systems that make your website functional.
There are thousands of low-quality plugins that have a negative effect on the performance of your website. For example, a poorly coded plugin can significantly slow down your website. This can result in penalties from Google and loss of your ranking and also in patients leaving your website because it is running slowly. Additionally, untested plugins may cause issues with mobile versions of your site which can have a negative impact on your website’s performance.
- Other factors
There is also other criteria that we examine when our IT team reviews the viability of a requested plugin. The following is a list of a few additional factors we consider:
- The business model behind a plugin. We want to be certain that the developer will be around in the future.
- The history of reported attacks through that plugin.
- The developer’s and plugin’s rankings and ratings on different reliable website and platforms.
- Our data center, server specialists, and professional that have seen and worked with the plugin.
- The data and reports from back-end security systems like Amazon Data Services, Google Cloud, Pagely Atomic Dashboard, WordPress.com, and others.
In conclusion, we would like you to know that it takes a few minutes to install a plugin on your website but it takes hours for us to review a plugin and run these performance and security tests. All this is done in order to protect your website, your information, your patients and your business. Throughout our years, we have seen attacks that have wiped-out websites, hacked into confidential patient information, infected computers and damaged the cloud-based web servers. Our objective is to prevent such attacks on your website due to inferior plugins. No one can offer a 100% protection, Optimized360 will do its best to minimize such a risk.
Contact your Optimized360 sales associate or account manager for specific details and approved alternatives that may satisfy your requirements.
We thank you for being a valued client of ours.