WordPress is the leading content management system now used by more than 60 million websites.
We started developing custom websites with WordPress in 2006. Since then, the industry has been evolving every day adding more freedom to usability, functionality, and design. The downside is the tools and methods to harm websites are also evolving. Like maintaining your car, your home, or your health, websites also need ongoing maintenance.
We had an attack on the clients’ websites in 2014. We teamed up with client’s hosting provider and brought the site back quickly. We are glad that we haven’t had any other incidents before or after this, but it made us much more aware of the web security and started monitoring some of the clients’ websites as well as our own website for invalid accesses to the backend.
From our data, we see the average of 5 to 15 invalid accesses attempts per site each month, sometimes over 40 attempts on the same day.
The IP addresses of those attempts were from all over the world. We don’t want to scare you, but this is the reality of today’s World Wide Web you are in.
Here are three important things to keep your WordPress website as safe and healthy as possible.
Keep applications up to date
Like any computer software, the reason why developers release minor but frequent updates is mostly for security. Major updates are usually for usability and design improvement. WordPress releases minor updates about every month, major updates in about every four months. Plug-ins (the tools to add functions to your website) releases updates monthly to quarterly depending on the developer.
Have a usable backup in case something bad happens
Hosting companies usually provide a tool to create a backup on the same server that your website resides. The timing of creating those backups are usually at server’s convenience but not yours, and scheduled automatic backup and emergency recovery are often at additional or requires an upgrade. Also, having backups at a different location other than your hosting server makes possible to recover your site if the server itself is under attack.
Monitor and prevent invalid access
Invalid login attempts and the excessive number of 404 errors usually mean someone is looking for a security hole in the backend to inject malware.
We cover all above with our WordPress Site Management Plan.
NSD WordPress Site Management Plan
✓ Setting up scheduled automatic backups stored at two different locations
✓ Security plugin installation & configuration
✓ Monthly updates on WordPress, themes, and plugins with available new releases.
✓ Monthly malware scan
✓ Monthly security and update report
✓ One emergency recovery during the contract year
$320 / year
Price is in Canadian dollars and subject to applicable tax. Price may change without notice. Price reduced on June 1, 2018.
Q: I have a WordPress website developed by someone else. Can you apply the plan to it?
Yes, as long as your website is on WordPress, we can work on it. However, in some cases, the hosting server setting may require an upgrade in order to implement our work.
Q: What happens if I don’t purchase this plan or any other similar plan available out there?
In the best-case scenario, your website should still be up and running, but there will be a growing risk without a periodic maintenance.
Q: What happens if something bad happened to my website?
With our plan, you are covered for one emergency recovery annually. We will recover your site as quickly as possible from the latest backup available. Without the service, you can either contact your hosting company, contact us or other web specialists for investigation and the recovery of the site. There will be a fee unless you have a plan that covers the work from your hosting company. Our fee will be charged hourly.
Q: Can I cancel the service anytime?
The plan is an annual package. We will send you a renewal invoice annually by email before 30 days of your purchase anniversary date. You can then either cancel or continue the service for another year.