If you’ve just launched your new website, you’re probably feeling pretty good. The content is up-to-date, you’re using the latest version of WordPress (your open-source Content Management System (CMS) of choice), and your domain name and web hosting are prepaid for the next twelve months. You may be happy to think that you don’t need to worry about the back-end aspects of your site for quite a while.
My clients are often surprised when I advise them that their site needs regular maintenance right from day one. This post explains why.
A true-life tale of internet smut
A few years back, Monkey Hill was involved in providing communications services to a large, high-profile health research project that was using its website as a key recruitment tool. Although their website was quite new, I noticed that the site had been hacked and was displaying pop-up ads for Romanian massage parlours and Viagra. Further, these phrases actually appeared in the Google search results for the organization. Not great for their reputation! After bringing this to their attention, the client hired us on the spot to fix the site’s vulnerabilities and add ongoing site monitoring and maintenance to our contract.
The fact is, while your website’s CMS may be up-to-date and secure at the time of launch, you can’t ignore the ongoing care that it requires. You can spend much more time and energy trying to recover from being hacked than by being prepared in the first place.
The internet is alive, so step lively!
If you visualize the web like an enormous garden, your website might be represented as a single tomato plant. If you want your plant to survive (or even better, thrive) you wouldn’t just stick it in the ground and walk away. You’d need to ensure your plant receives enough water, nutrients and sunlight while removing any weeds in the area. You’d also need to be on the lookout for threats to its survival, such as pests and disease. Your website requires the same type of care.
The WordPress platform itself is a complex program, continuously evolving and growing. New features are being added, bugs are being fixed, and security issues are being discovered and patched on an ongoing basis. This applies to WordPress plugins and themes too. It just isn’t possible to provide all the benefits of a powerful and user-friendly Content Management System without having some pretty complex functionality taking place under the hood.
An ounce of prevention
The best way to avoid problems with your website is to take the proper precautions. This includes ensuring the following:
- WordPress’ core files are up-to-date.
- Plugin and theme files are up-to-date.
- Website doesn’t use any insecure plugins or themes – a knowledgeable WordPress developer will know or be able to find out which ones are to be avoided.
- Hosting with a reliable, secure and responsive web host – you can take all the security precautions in the world, but if the server your website is hosted on is insecure, so is your website.
- Create off-site backups of your website files and database at regular intervals. Some organizations can do this once a month while others require daily backups – it all depends on how often your website content changes.
- Regular scans of the site for malware.
- Monitoring the website for malicious activity – failed login attempts, password recovery attempts, SQL injection, database overflow attempts, etc.
- Monitor your website’s uptime. Having your website crash or be unreachable on a regular basis is a sure sign something is wrong and may be the precursor to a major outage.
- Passwords are strong, ideally containing a mix of uppercase and lowercase letters, numbers and symbols. (Having passwords like “password”, “pa55w0rd” or “abc123” are just asking for trouble!)
Getting set up
It’s not uncommon that the group who builds your website might not be the same ones who help you maintain it. Some developers are simply not in the maintenance business. Other times, clients don’t want a long-term service arrangement with a company that didn’t meet their expectations during the build.
Whether I’m the original developer of my clients’ websites or not, I always recommend site maintenance as an essential, ongoing component. Please feel free to contact me for a quote for ongoing WordPress website monitoring and maintenance. I can also provide hosting services through one of my partners (based in Canada or the US) if your current provider is not meeting your needs.
Photo courtesy of Regan76 under this Creative Commons license.