Generally, Yes! WordPress (WP) is an actively supported software product, both by its developers and users. The software is written to a high standard. If a security flaw is detected by the developers or reported by users then effort will be put into fixing it. This activity results in several upgrades being released each year to fix security issues. But that's not the end of it. WordPress users (ie, you) have to do their part too to keep their WP installations secure. For example, when a new security release is available it's up to users to make sure they update the WP version on their sites. Why? Because as soon as a new version is available hackers will target sites which don't update.

Here are the Calico team we're delighted to introduce you to our newest recruit Leah. Leah will be joining us over the next few months every Thursday on placement via the Virtual Learning Academy.

Security has always been an issue with 3rd party website software. This is especially the case with WordPress and its plugins and themes. Wordpress is one of the most commonly used website development systems in use today. The problem is not so much with WordPress and ancillary software - the developers are very good at patching any known security flaws. No, the problem is with some users who are too lazy or uninformed to update their installations regularly.

Back in 2014 when the .scot TLD went live not all domains were created equally. The DotScot registry reserved a selection of names so that they weren't publicly available for registration. Those included some premium keywords and all town, city, region and island names known as 'locality' domains. Initially the placenames were only made available to community councils or similar organisations where the domains would be used for a community purpose.

WordPress is a great tool for building websites, but it is also a common target for hackers because not all WordPress users keep their WordPress software, plugins and themes up to date. This is especially the case with "day-zero" expoits where hackers target sites as soon as an exploit is made public and where users haven't updated their software yet.