The popularity of WordPress has created an enormous amount of work to keep business websites safe and secure. Since the software used is free, it is visible to any developer and open to hackers who want to take over your website for their own purposes. There are many reasons why you need WordPress Support to keep your website optimized and safe.
Here are the fundamentals to know about maintaining your WordPress website:
#1 Training - Many designers aren't very good about training website owners on how to manage their website. Often designers only show their clients how to update pages and posts but there are so many more things that could be taught.
#2 Software Updates - WordPress is continually updating the software for security and new features. The smaller versions like 4.1, 4.2, ...etc. are security updates. Major upgrades like 3.0, 4.0, ....etc. are new features and affect many things that may be added to the website.
#3 Plugin Updates - The best thing about using community software is that developers create features called plugins. These literally are plugged into the system to add useful features. Form builders, ecommerce, reservation systems and so much more are plugins for WordPress. These plugins are providing software updates in addition to WordPress.
#4 Theme Updates - The visual part of the website is controlled by a theme. There are free themes that give a basic design to the website. Pro Themes have many more options that allow web designers to quickly design websites without having to hand code. These themes have frameworks - which are systems - that get updated as well. Usually there is a parent theme that gets updated and a child theme that contains all the customizations. So we are constantly updating the parent theme and never update the child theme.
#5 Security - WordPress is a prime candidate for hackers. These are individuals who run programs against your website to find a security hole they can exploit. This is commonly achieved by having a weak password, not updating the software, or using a plugin that's not secure, among other things. Once a hacker gains access to your website they can deface the site, put hidden spam links on pages or other things based on their purposes. These days hackers are getting more clever by hiding things so owners don't even know it. Being hacked can hurt your SEO because it may affect your search engine results.
#6 Support - As an owner of a business class website you may need help with accomplishing various tasks including security. WordPress is very complex and I'm going to debunk the myth right now that it is easy to use. The system is complex because it is extremely powerful with unlimited potential. Depending on your developer it can have many plugins, theme options and configurations that are difficult to manage. Having good support is just as important as having the website itself. If you can't make the website work for you it becomes a burden instead of an asset.
#7 SSL - Google has recently mandated that all websites should be running SSL for encrypting all data transmitted from your website. This procedure isn't especially hard for most websites but it can be costly for bigger sites if there are problems setting this up.
How We Work
Onboarding clients is a very time consuming task. We spend an enormous amount of time auditing and securing websites for monthly maintenance.
Step 1 - Audit
We will audit your WordPress installation and verify the software that is used for the website. We will analyze your theme and every one of your plugins that are installed and activated. It's common to have 30 plugins just for a basic website so this is an important step. In some cases we may need to consult for replacing software that is no longer supported.
Step 2 - Secure
We will secure your website with our "hardening" procedures. These are extra plugins that need to be installed and configured. WordPress out of the box is not secure and this is an important step. Some of the features are used to prevent brute force attacks by programs running on the login page. We just allow five attempts then block the page for 15 minutes. This is one of the biggest and easiest things to fix.
Step 3 - Monitor
We set up periodic scanning for malware and periodic monitoring so you can rest assured if something happens we'll know about it first.
After we've completed your onboarding then you can rest assured your website is safe and sound. However, even with all these protocols in place there have been occasions where the website does get compromised. It is impossible to completely secure any website so we have escalation procedures to follow if this is the case. Solutions are provided by third party partners who have even more secure systems that will completely block attackers.
All of these tasks and procedures are included in our WordPress PRO Support plan. For more information or if you are interested in an evaluation just let us know.
Stay safe out there!