WordPress Maintenance and Support Service
WordPress Security – The bottom line
Security a hot topic and websites have been getting hacked for years – people are losing sleep because of it. The bottom line is that there is always a risk and your website can never be 100% secure. Hackers are constantly developing new ways of attacking sites and looking for new vulnerabilities to exploit. Technology changes quickly and security is no different.
Good security is all about minimising risk and if anyone tells you that they can offer you a 100% secure WordPress or any other solution then they aren’t telling you the truth! BUT there’s plenty that can be done to minimise risk and help you to sleep better at night knowing that the changes of your WordPress website site going down have been decreased.
choose your plan
Incremental Backups + Quick Restore
Comments and Spam
Developer Site Checks
Support Hours (Per Month)
Average Fix Time
Malware and Virus Monitoring
Weekly Files & Daily Database
Weekly Files & Daily Database
Up to 1/2 Hour
Email & Phone
Up to 1 Hour
Email & Phone
Up to 3 Hours
n.b. We have the right to change these prices at any time. Any existing quotes will be honoured for 14 days from the date on your quote.
Is WordPress Vulnerable?
WordPress is popular, in fact the reality is that 17% of the websites worldwide are built on the WordPress platform. Yes a whopping 17% – that’s a lot! The popularity of WordPress makes it a big target. BUT to say that WordPress isn’t sure isn’t strictly true. It’s all about how it is set up and secured. You have to know what you’re doing. With most hacked WordPress sites that we’ve worked on we’ve found the root cause to be poor passwords, server vulnerabilities and cross contamination. We follow best practices when securing a WordPress site and impart best practices to our clients. It’s a team effort to lock down WordPress and a chain is only as strong as its weakest link. Don’t blame WordPress – it’s how it’s setup and locked down.
Security and Usability
Just like improving accessibility of a website can have adverse affects on usability if taken to extremes, security can have negative affects on usability so it’s a matter of striking a balance. Locking your website down is fine but if it becomes too difficult to use as a result you must think about striking a balance between the two – for example is your captcha just so difficult to see that you can’t even solve it to login your content management system?
Hacked? Server Issues? Plugin Updates gone wrong?
Hacks, server crashes, updates gone wrong? Is your WordPress website protected? An up-to-date backup will save the day! Most WordPress backup plugins use a fast but resource intensive php script which can adversely affect server performance and backup reliability (especially with larger WordPress websites). Incremental backups are the future – they are built to run reliably, no matter how large your website is, and where it is hosted. Incremental backups with minimum resource usage and off-site storage are the way forward but still a much overlooked option.
So that our clients understand all the hard work you’ve done for them – we provide a monthly report with our WordPress Maintenance and Support service which covers 4 key areas:
– Incremental Backups and Restore Points
– Uptime Monitoring
– WordPress and Plugin updates
– Security Scans
We provide an executive summary that managers and owners can understand. It covers all of the ways that we’re constantly reducing the chances of your website going down!
Classic backups will be the thing of the past, because websites keep getting larger, and hosting companies keep restricting the site server resources more and more. That’s why we came up with a completely different backup solution. It uses less server resources, it’s much more reliable, and more secure. We still also run php script based backups too so you have even more backups!
Who needs this service?
The chances are that your web host should have a disaster recovery plan in place and be taking regular backups of your website. This is standard practice. But did you know that these backups are generally for them and not typically guaranteed in terms of you asking for a restore of your websites. Especially if you have cheap hosting on a shared server and if you’ve ever requested a restore you’ll have had a copy of your website dropped into your FTP folder for you to restore yourself. What’s more – this restore may have taken some time and all this time you will have been panicking about losing your website.
This is where this service comes in. We know that websites are no longer just static html simple 5 page websites. Many of our clients now have blog sections on their websites and update them frequently.
My WordPress website has been hacked! Help!?!
If you’ve been hacked then you’ll know the feeling. Sheer dread! Have my web host got a copy? Do I have a copy? When was the last time this was backed up? What if all my blog posts have gone missing? You no longer need to worry with our package…we take care of it. As well as running both regular and incremental backups we also take steps to vastly decrease the chances of your website being hacked in the first place.
A message came up in my wp-admin Dashboard – WordPress needs updating and a few plugins. Should I go ahead and do the updates?
No! Here’s the scenario – you had a brand new responsive WordPress site designed and developed last year and you love it. You have the wp-admin logins and blog twice weekly. But you’ve noticed all of these update messages in your dashboard telling you that you need to update WordPress and a few plugins. You go to click update but it doesn’t complete and your site is trashed. You need to rollback to a working restore point but don’t know how. You need help but know that if you call your web developer to get your site back up and running with no notice he’ll have to charge you a premium. Besides he should have told you to take a backup before clicking that button right? You no longer trust him because he didn’t take care of you as a client and was busy with other projects. You need us to look after your website and fix an issues as and when they happen. Wordpress can be complex with different plugins and WordPress core which should be updated regularly. If your website is on cheap hosting then your web host may have restricted resources which stop some plugins and php scripts from running, they may time out mid way through operations and cause issues.
Gone are the days when you could have a website designed and set and forget it. But many web designers out there are still churning out sites and forgetting about aftercare. This is where we come in. Everytime we design and develop a website for a client let them know that the service doesn’t end there. We educate them about vital updates that must be carried out by someone. We shudder when a prospective client contacts us with an existing WordPress site that we haven’t developed and it is still on WordPress from 2 years ago, has 12 plugins that are out-of-date, 13895 spam comments in the database adversely affecting site performance and 4 themes 3 of which are inactive but have never been updated. If this describes your WordPress website then contact us now!
So what is all this about Increment Backups? Why are they so good?
They’re the future of WordPress backups – they are more reliable, use less server resources and allow a quicker restore from our end. If you have a website that brings in targeted traffic and enquiries to your business whether you’re a Accountant, Plumber, Electrician or a blogger then you need incremental backups. Wordpress plugins that deal with backups are php script based and basically run a quick and resource intensive job on the server. A lot of hosting providers have tightens up resources on their solutions due to this and other scripts in recent years because they just take up so much resource. The other issue is, especially if you have a larger than average WordPress site, if you run backups too often then they can overlap which can cause all kinds of issues (and that’s if your web host hasn’t already throttled your resources causing your backup script to timeout) – basically another backup starts before the last backup hasn’t finished resulting in even more resources being used. So what do you do if you blog daily or even 4 times per day? Backup 4 times per day? Or just accept that so much data will need to be added again if your website does fail and need to be restored.
Incremental backups work differently to this – you know like Dropbox works, one full backup is taken, then changes are scanned for and ONLY the changes are backed up. Unlike standard php script based backups, incremental backups take up about the same resources as a visitor to your website – hardly any. Restores are much easier too and we use a staging area and a screenshot of each restore point so that, if your site has been hacked, we have a better chance of being able to view the website as it was before it went down / was defaced! This means that rollbacks to restore points are quicker and less downtime for you. I’d pay for that peace of mind and being able to sleep better at night – wouldn’t you? If so, contact us now!
Will your service provide a 100% guarantee that my site will never go down, get hacked, etc?
No even very large websites with full-time security teams such as banks, government sites and billion pound eCommerce sites can be hacked. Imagine though that these are big targets and your site is likely not. Think of it like a street full of houses and a burglar walking down the street at 2am and noticing that one of the doors as been left wide open, no lights. Would the burglar go to the effort of breaking into a house that was locked and just walking straight through the open door of the house that the resident and left open by mistake? The burglar would choose the path of least resistance and so do hackers. Wordpress hackers look for vulnerabilities and your website will have a higher chance of getting hacked if plugins are out-of-date, themes need updating, WordPress core hasn’t been updated in ages, etc. So why make your website easy to hack? We follow a process to vastly decrease the changes of your website getting hacked but if it does then we can restore your site and investigate what went wrong. The chances of downtime are decreased and peace of mind is assured.