Why is maintenance important for websites?

A lot of websites are made in WordPress and security issues are a crucial thing to be focussed on while maintaining your website. Today it was announced that there was a big security issue with the plugin Essential Addons for Elementor.

These days, a lot of WordPress sites are made with the use of a great plugin Elementor. This is a plugin that helps you easily create websites. The vulnerability was discovered by security researcher Wai Yan Myo Thet and reported to Patchstack on January 25, 2022.

Below you can find a more technical explanation of the problem. We cannot stress enough to our clients how important it is to keep your website up to date and to keep your website but also your customers information safe.

We would like to recommend all of our clients, but also if you are not a client, to consider signing a maintenance contract with boost.

Maintenance contract in short:

  • Monthly backup of website;
  • Monthly update of WordPress (if applicable);
  • Monthly updates of installed plugins;
  • Small modifications on website (max. 1 hr/month);
  • Upon your request we can send you the backup for your archives;
  • FREE Install of Cookie Notice to comply with GPDR (writing of terms and conditions not included);
  • FREE Install and setup of Gravity Forms (premium contact form plugin);
  • FREE Install and setup of Anti-spam on contact forms;
  • FREE Web hosting including domain name (.ro/.com/.eu);
  • FREE Creation and Support personalised e-mail inboxes;
  • FREE Google Analytics reports (2) per year;
  • 10% DISCOUNT for extra hours (web development) – € 27/hr instead of € 30 /hr.

Price: €30 / month

* Pay upfront and you only pay 11 months instead of 12 months!
** For websites not created by boost we ask a fee to analize your website for technical problems.

Contact us using the form below or write us on info@theboostcompany.eu You can directly call Ruben on 0741 182 084

This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack. This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed.

Patchstack

Leave a Reply

Your email address will not be published. Required fields are marked *