For some time WordPress, the popular blogging platform, has been one of the major attack target platforms on the web. A compromised site can deliver malware to users and be used to sell illicit goods, among other nefarious uses. Some users are better-protected against these attacks than others and I would argue that managed WordPress hosting is the only way to go, unless you plan to keep a close eye on the WordPress security scene and actively manage your own site.
This is yet another example of a general truism of security: You’re better off, to the extent possible, to hire an expert to do your security work for you. Doing security is a major part of what managed WordPress hosting services do.
Organizations, law firms included, wishing to lead with thought leadership for business development, are regular users of WordPress. The larger organizations and law firms with good tech teams are very capable of setting up WordPress sites and blogs.
Ironically, the thing that attracts them to WordPress is what can get them and their organization in trouble – ease of use and flexibility through countless plugins.
The end result of this situation is that if you get careless or promiscuous with your WordPress plugins, it’s not unlikely that a vulnerability will emerge in one of them. You may not know, but attackers will.
A managed service will be far more on top of these things than you are likely to. A really strict managed service like WordPress.com will prevent many, and probably close to all, such attacks by limiting the plugins and themes you can use and rapidly updating what they support.
Even guys like Larry Seltzer, a widely recognized technology analyst and consultant, are no longer setting up and managing WordPress in hosting environments they manage.
I used to run my own web servers and host them manage every stupid little detail of them. I gave that up long ago just because I thought I was wasting my time, but security is an even bigger imperative. Many WordPress sites belong to people who don’t know jack about computers, let along web site administration. These users are much better off with a WordPress environment in which their options are limited, but their safety protected.
LexBlog’s single biggest investment now is ongoing development of a expert-managed WordPress hosting environment where we can update WordPress and select plugins on a proactive basis for law firms and professional service firms blogging and publishing to demonstrate their expertise.
We believe it will be of significant value to law firms and other professional firms who do not wish to assume the risk of a self managed WordPress hosting environment on their servers or on servers operated by a third party without dedicated WordPress expertise.