I've always warned folks that putting WordPress on the same hosting as ecommerce could be a hacker's dream. I hadn't seen any hacks in such a long time, I was beginning to wonder how correct I might be. Well, sorry, folks but a client just discovered her site was hacked and she does have a blog. A blog she was rarely ever posting on and certainly not checking her necessary updates in the WP admin. It does look like WP was used to gain access to the hosting account.
So the warning one more time: It is best not have a blog or for that matter any other open source code/ scripts on your Zen Cart site. No blog, no forum, no fun toys. The only legitimate use of WordPress when coupled with ecommerce is a blog – where one posts regularly and hopefully drives traffic to your site and increases your sales.
It should never be used as static pages like the about us page or contact page or other information. All of that is possible in ZenCart which is very secure. Anyone who doesn't post or make WP changes often is also not checking their admin. Though WordPress can and does do automatic updating, I know for a fact it doesn't always happen or happens at different times for different websites. Updating is just essential for WP as they continue to improve the code and tighten loopholes.
So if you aren't checking in very regularly, it could lead to hacking. There are also some things still necessary for tightening your WP security, most of which have been added in the updates but just installing WP and thinking you can handle it all by yourself may be your business's downfall. My best advice? Just don't install WP on the same hosting account as your ecommerce. Just don't do it!
Author: Delia Wilson Lunsford, Founder & CEO, WizTech, Inc.