Recently we received a notification from the creator of the security software that we use in our websites to alert us that there was a security vulnerability in the SEO software plugin which we install in our websites.
This might sound sketchy, but they are both fantastic pieces of software, and it’s actually great news. Websites and everything behind them which make them hang together, are made of software. No software is ever perfect or complete. Hackers are always looking to strike at random to break into the back-end of websites all over the world, whether for financial gain, or just because they can.
So your website and the plugins behind them need to be maintained and updated regularly, as the developers of these plugins improve their security and functionality, and release updated versions.
We have now updated all of our client websites which have these 2 excellent plugins installed in them, and we carry on with smooth sailing, everything updated and secure.
This is why every business’ website needs a Website Care Plan together with Website Security Software (think: internet security or anti-virus for websites), and why you need an expert to maintain and monitor the website for you. Because how many website owners know what to do to secure against vulnerabilities, or have the time to monitor them? You’re busy and you have a business to run, and you don’t need the hassle.
What should a Website Care Plan include?
Digital agencies which both create and maintain their clients’ websites may differ in what they offer in their website care plans, but these are what we provide at Calido Media:
- All CMS, Theme and Plugin software updates
- Configuration and management of website backups
- Configuration, management and monitoring of a website security firewall application
- Monitoring the website for any down-time
- A monthly Google Analytics report
- A monthly website update and maintenance report
CMS, Theme and Plugin updates
No matter which content management system (CMS) your website is created with, e.g. WordPress, new versions of it and the plugin software which make the site work are regularly released for upgrade. This may be to enhance functionality as well as security.
What are plugins? Think: your page SEO tags, contact forms, Google Map integration, security software, website backups, page builder, header image slider, etc.
These are just some examples of software plugins installed in the back-end to make your site work.
As with all software, these become superseded by updated versions, and leaving your website with outdated CMS, theme files, and plugins means the site is vulnerable to attack by hackers, because outdated software is often a security vulnerability.
We receive reports each week about the outdated plugins and themes in your website which need to be updated, as well as the hacking and login attempts by unwanted visitors.
Your website files and the database behind it should be regularly backed up and stored in a secure cloud storage location.
In case there is ever a problem with the web server or the website itself, possibly due to a successful hack or malware injection, it can be safely restored to the last backed up “restore point”.
Many website hosts provide a backup function, but these are never as reliable as an application which you have full control of and can schedule to regularly automate the backup process and store the files in your preferred secure location. With a dedicated backup application you have the ability to restore your original website from a compromised state with a few simple clicks.
Website Security Firewall application
Website Security software is usually a subscription service which acts as a secure firewall between your website and the internet to prevent unwanted website access and malware injections into the website’s database by internet hackers.
It also has the ability to block access to your website’s back-end by specific locations, IP addresses and user names, with real-time protection against the latest known hacking techniques, malware and viruses in circulation.
This software is one of the most essential and important tools that a business should implement for its website. Very simply, we consider it to be a must-have to ensure the protection of your website.
Your website should be monitored for any down-time, so that if at any time it is offline, any issue can be resolved so that the website is back online as soon as possible and with minimal disruption.
Websites can go down for a number of reasons, including being hacked or other web server issues.
Whatever the issue, if one of our clients’ websites goes offline we are immediately notified and get the issue resolved.
Fortunately, we use excellent web hosting infrastructure and rarely, if ever, have to worry about down-time. But we setup monitoring tools for our clients’ websites, regardless.
Google Analytics reports
For some Website Care Plans this is a nice-to-have or a bonus, but we like to provide a website usage report so that clients know the important statistics about their website traffic each month. It also gives us valuable insight into which content is the most sought-after, as well as any areas of the website which might need some work.
Website updates and maintenance report
We also like to setup tracking of all the updates that are made in the back-end of the website: CMS, theme and plugin updates – exactly what was updated and when, security events such as hack attempts or attempts to access the admin area which were successfully prevented; and backups which were performed.
Keeping your website’s content management system, theme files and plugins updated, security tight and protecting against hackers and malware, and regularly backing up are essential tasks to ensure an optimised and secure website. Above all, with a Website Care Plan, you won’t have to think about these things and can focus on running and growing your business.