WordPress is one of the best and most popular open source CMS/blogging platforms. The downside of its popularity is that it is frequently exploited by hackers wanting to take over and deface your website. In fact, one of the WordPress sites I work with prevented 716 hacking attacks between July 8, 2009 and November 23, 2009. One important way to prevent hack attacks is to keep your WordPress up to date. This article will show you how.
One of the most common methods hackers use to find security holes in WordPress is to look for the WordPress version of the site they hope to attack. Even if they don't know the WordPress version (some webmasters will hide it), they can still try the known exploits by trial and error to see if they work.
As advised by the creators of WordPress, it is extremely important to update the WordPress installed on your website as frequently as possible. However, updating is not simple in all website development scenarios, and lots of webmasters make serious mistakes that can prevent them from easily updating their WordPress website.
This article aims to educate you about updating WordPress. This is very important, particularly if you are still new to WordPress and plan to work with it on a daily basis. If you are ready, then keep reading.
WordPress Core Files and Themed Files
Relatively few people understand the principles of updating WordPress; these are often not clear, especially to new users. Even experts are reluctant to update WordPress because they're afraid it may affect the existing design and functionality of their website. The root cause of this fear and reluctance is a lack of knowledge of how the WordPress core files and theme files work.
WordPress core files are the files that are REQUIRED by WordPress to operate your website normally. They are the ones that are DOWNLOADED by you from http://wordPress.org/download/. When you extract the zip file and view the files in the folder, they are the CORE FILES:
WordPress core files do not dictate how your website looks in a web browser, because they are NOT “THEMED FILES.” Theme files dictate the look and feel of your website. Theme files are also where webmasters like you can take full advantage of widgets and plug-ins to further customize the way your website looks, and even set up ones that affect the user experience of your website.
WordPress themed files are NOT included as part of the WordPress download package/core files. You are responsible for selecting your own theme as well as the plug-ins and widgets needed to operate your blog.
You can save your theme files in this path: /wp-content/themes and your plug-ins in this path: /wp-content/plugins
By default, WordPress has the “classic” and “default” themes included in the package, and also “akismet” and “hello dolly” in the plug-in directory. If you do not add a theme or plug-in to your blog, you can choose either of these two built-in themes and activate the basic plug-ins.
However, almost 99% of the time, WordPress users select their own theme and add their own plug-ins. So their theme files will now look like this:
Inside the red box above are the new theme files added. The website shown above uses the “arras-theme.1.3.5” theme, and in the plug-in directory, it adds new plug-ins, “autosaveoff,” “disableautosave” and so forth in addition to the default files included.
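The following shell script is an added example, not part of the original article. It lists the themes and plug-ins under /wp-content that are not the bundled ones named above, which are the files you added yourself and must preserve when updating. The function names are hypothetical, the demo site is constructed from the names in the article's example, and treating hello.php and index.php as bundled entries is an assumption about how the defaults appear on disk.

```shell
#!/bin/sh
# Added example: find what the site owner added on top of the bundled
# themes and plug-ins, i.e. what must survive an update.

# Bundled names from the article; hello.php / index.php are assumptions.
BUNDLED_THEMES="classic default index.php"
BUNDLED_PLUGINS="akismet hello.php index.php"

# is_bundled NAME LIST -> exit 0 if NAME is one of the words in LIST
is_bundled() {
    for b in $2; do
        [ "$1" = "$b" ] && return 0
    done
    return 1
}

# list_custom WP_ROOT KIND -> one custom entry per line (KIND: themes|plugins)
list_custom() {
    dir="$1/wp-content/$2"
    [ -d "$dir" ] || { echo "missing: $dir" >&2; return 2; }
    case "$2" in
        themes)  bundled=$BUNDLED_THEMES ;;
        plugins) bundled=$BUNDLED_PLUGINS ;;
        *) echo "unknown kind: $2" >&2; return 2 ;;
    esac
    for entry in "$dir"/*; do
        [ -e "$entry" ] || continue      # empty directory: glob did not match
        name=${entry##*/}                # strip the leading path
        is_bundled "$name" "$bundled" || printf '%s\n' "$name"
    done | sort
}

# make_demo_site DIR -> constructed layout matching the article's example
make_demo_site() {
    mkdir -p "$1/wp-content/themes/classic" "$1/wp-content/themes/default" \
             "$1/wp-content/themes/arras-theme.1.3.5" \
             "$1/wp-content/plugins/akismet" \
             "$1/wp-content/plugins/autosaveoff" \
             "$1/wp-content/plugins/disableautosave"
    : > "$1/wp-content/plugins/hello.php"
}

demo=$(mktemp -d)
make_demo_site "$demo"
echo "custom themes:";  list_custom "$demo" themes
echo "custom plugins:"; list_custom "$demo" plugins
rm -rf "$demo"
```

To check a real site, call list_custom with the directory that contains wp-content instead of the demo directory.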