Let’s say a developer built your organization a WordPress site, and now it is time for your organization to take it over completely and no longer have the developer involved. It happens all the time, but there’s something else that happens all the time in the handoff which you REALLY SHOULD NOT ALLOW TO HAPPEN.
There should ALWAYS be someone with the responsibility for monitoring the server setup and the responsibility for maintaining WordPress and any other software updates that occur.
(Side note: We manage this for our clients to prevent the following from happening.)
I did a simple search for “Pennsylvania”, “association” and “WordPress” on Google just now, and checked the results with Sucuri’s free malware and website scanner. First one I looked at showed this:
The software and server should be updated regularly. Often, this is not the case. The next site I checked came up with this:
Not nearly as threatening. But it doesn’t take long to find a site with something like this:
There’s an obvious problem. And dollars-to-donuts that the site owner has no clue the problem exists.
If you use a content management software (CMS) for your website, you need to designate somebody who is going to be responsible for the server environment and the maintenance of the CMS software. It’s not enough to just keep up with the actual content, or else you’ll run into trouble with the security gaps that occur with old and not updated software.
You can either keep a developer for this responsibility, or take the responsibility in house – but you cannot ignore or fail to recognize the responsibility, or else you will eventually pay the price with your site.