Updates, updates, updates. Can't I put off some of these Drupal updates?
I understand the frustration.
However, one of the real strengths of using an open source project with a vibrant community supporting it is that the project grows through contributions from the community.
These contributions could be functionality additions or they can be plugging up security holes.
Unless you're waiting for specific new functionality for your Drupal site, you don't really need to have new modules installed with additional features.
However, the day that a security update is announced, bad guys are potentially searching for sites they can hack. Yet, what sites would they choose? Of course, it's the sites where they can make money.
You need to apply security updates to your site if:
- You have an e-commerce site.
- You store sensitive information.
- You can't afford to have the site down for several days, recovering from a hack.
There. I think I covered everyone.