You may have read towards the end of last week that Wordpress, the ever popular website backend system, was patched for a vulnerability in something called the ReST API. It made the regular news, such as the BBC who reported that up to 1.5 million websites and blogs could have been defaced.

Many websites I create use Wordpress, I’ve perhaps a dozen client sites sitting on the platform. The vulnerability wasn’t however, news to me as it was flagged up by my hosting platform the day before, and I’m pleased to say that none of my websites were affected by the hack.

Although hosting websites isn’t in any real sense a revenue stream for my business, I have ensured I’ve got the best hosts I can find. The ReST vulnerability highlights a couple of things they do well, advantages that I can pass on to my clients, to give them a sense of security too.

Firstly, when the makers of Wordpress patched the hole and pushed an update out, they didn’t publically release the problem with ReST, but they did tell various partners, including my hosts. The hosts then patched the hole at a top level, preventing any hack via the ReST system.

But, more pertinently to my clients, I have my hosting setup to “Auto Update” Wordpress websites. It’s a pretty powerful offering that isn’t a standard service provided by the more budget hosts. Auto Update is great, but it’s not work-free. I have to check any updates don’t break the more custom aspects of sites I’ve created and fixed any issues if they do. When 4.7.2, the patch for the ReST issue was pushed to my sites, it was pretty small, and in this case, I was able to confirm that everything was working as expected.

It’s worth looking at what your hosts offer when working with Wordpress. It’s such a powerful and popular tool that any vulnerabilities are quickly abused. If you’re considering a site, or on one that’s been hacked, get in touch and you can get the above, plus some other good things, for a pretty reasonable price.