Select Page

Hacks, Attacks, Crashes, Malicious Activity…

We can safeguard your prime business asset, your WordPress website from hacks, attacks, human errors, bad commands, malicious activity, disgruntled employees, deleted files, crashed servers, malware infections and a whole lot more.
  • Technical failure is not IF, but WHEN!
  • Human failure occurs when you least expect it!
  • Your site is critical, treat it that way!
  • Forget to renew your domain or server?
  • A disgruntled employee could delete pages.
  • You might not be paying attention when you’re on the phone and you clicked the wrong button, poof, it’s gone.
  • You could make a bunch of changes to pages and then realize they’re not appropriate, not accurate, or you just don’t like it.
  • You could make changes to pages and find out several days later that the content is not relevant.
  • Your web designer “locks you out” of your own website?
  • The server could crash.
  • Your site could be hacked.
  • You could make an error.
  • You could accidentally delete a page or a file.
  • Backups save your b%*#.
  • Backups protect you during WordPress updates.
  • Backups protect you during plugin updates.
  • Backups protect you during new plugin testing.
  • Backups simplify site cloning or site moving.
  • You will not recover without a backup.

Nightly Off-site Backups

What could possibly go wrong?

What could go wrong with your website? Hmm, let’s think about that. Well, dare I say it; what if the unexpected occurs? You’re just a restore away. You can have your site up and running quickly. Check out all of the possibilities on the list. It might be several days or even weeks before the problem is discovered. Nice to have the backups.

If You Fail to Prepare, You Prepare to Fail.

There’s an old saying, “When You Fail to Prepare. You Prepare to Fail.” A backup of your WordPress website is made every day and stored OFF-SITE. Why is this important? If your server or host is compromised, what is the state of the backups? An additional benefit is that if the hosting company has an ongoing problem, you can take your backup to another host and run it from there. Just modify the DNS settings. We control the storage and keep the last 30 days ready when needed. This ensures recovery to any point in the past month.

Two is one, and one is none.

The Navy SEAL’s have a saying, “two is one, and one is none.” What that says is that you can never have too many backups. Having only one presumes that you only need to step back one cycle. With 30 days of backups available, you can step back to any place in that range.

This is where a staging site is useful. You can review your site off-line, determine the best path to correction, and then move that to the live site. You can review the site as it was the day that backup was made. This is why the staging site is very valuable. We can restore any back up within the 30-day period to the staging site, you can review the data, and then decisions can be made as to how the data is returned to the live site.

Brute Force Attack Blockings

Bad actors doing bad things – to YOU!

A brute force attack is when a bad actor sends a barrage of attempts at guessing your username and password to gain access to your WordPress admin. They use automation, sending a stream of usernames and passwords. The sources of these are typically from big data leaks.

What we can do to protect you.

We can combat this in several ways. The most direct is limiting the number of login attempts and blocking users who try an invalid username. In one recent episode, we put up a new WordPress site. By coincidence, we saw a spike in live traffic. From a country in Europe, over a ten-minute span, there were over 500 hits from the same IP. Attempting numerous logins and probing many possible pages, none of which did existent on the site. We installed the live traffic monitoring and stopped it permanently. Just because you don’t see it, does not mean it is not happening. There are many parameters in our monitoring software that can adjust this to fit yoour needs of your site.

Security Alerts

When something goes awry with your website, you need to know. You need to know as soon as possible. Rapid mitigation is critical. The sooner your response, the easier it is to contain the damage. We can configure the tools to notify you of any changes as they occur. We’ll work with you to adjust the notifications to fit your need. You can receive email alerts for core integrity checks. You can receive alerts for these and many others:

  • Available updates
  • New user registration
  • Successful login attempts
  • Failed login attempts
  • Password guessing attacks
  • Changes in the post status
  • Receive email alerts when the WordPress version is updated
  • Your website settings are updated
  • A file is modified with theme/plugin editor
  • A plugin is installed
  • A plugin is activated
  • A plugin is deactivated
  • A plugin is updated
  • A plugin is deleted
  • A plugin settings are changed
  • A widget is added to a sidebar
  • A widget is deleted from a sidebar
  • A theme is installed
  • A theme is activated
  • A theme is updated
  • A theme is deleted

Uptime Monitoring

There are numerous reasons for a site to go down. Hosting server failure, needed file is missing, a DDOS (Distributed Denial of Service) attack, and a whole lot more. Whatever the reason maybe if your site goes down its catastrophic, it’s an embarrassment.

Your site is checked every 5 minutes. If it is down, and email or SMS message can be sent to any email address or phone number you want. We will also send a mail when the site is up again.

WordPress Core Updates

Why bother?

Why bother with updates? In the early days, it was not as significant. In today’s world, it is massive. The number of bad people doing bad things is grown to a scary level. We have deployed WordPress sites. In some case, before we could get the content completely loaded, the site was barraged with probes or brute force attacks. In one case, this happened over a ten-minute span. There were over 500 hits from the same IP, probing about as many possible pages. Many of them were non-existent on the site. We see this regularly. Just because you don’t see it, does not mean it is not happening.

Security and features for one!

Based on that, security is the principle reason to keep up to date. This world moves very fast. The bad actors are always looking for any hole to exploit. Don’t become their target. Update as soon as possible. Here is where the staging site we talked about above can come in handy if you want to test the upgrade. The next reason to consider is new features. As new features are available, you can use them to propel your business forward. The WordPress team is constantly adding improvements. These include speed enhancements and bug fixes. You don’t want to miss out on these improvements.

Tempus Fugit

WordPress core updates should be done in a timely manner. During the onboarding process, we will review your site dependencies. We will recommend that your WordPress core updates be applied to your live site or staged. It will ultimately be your choice. Using the staging site gives you the option to review the result of the core update before you release it live. It does, however, require more time on your part.

WordPress Theme Updates

All of the points mentioned in the WordPress core update section apply to themes as well. Security risks are slightly different; however, they are still a serious concern. Each theme is written by a separate organization with greater or lesser skills in the hardening of their themes.

The second point, probably more directly relevant to your website operation is the addition or possible removal of features. Website theme developers are constantly striving to stay relevant in the market and provide the needed functionality. It is important to you, the user, to ensure that your website stays as relevant as well. Taking advantage of these new features is very important. You also want to ensure that the changes don’t break your website.

Again, the staging site can be useful here. You must decide if these new features are relevant to the mission of your website. The use of the staging site will allow you to review these new features prior to making changes to your website.

WordPress Plugin Updates

The same points mentioned for WordPress cores update and WordPress theme updates apply here as well. The use of the staging site applies here as well for the same reasons.

Plugins are probably the most vulnerable point in the WordPress chain. Since most plugins are free, there is less financial incentive for the developer to provide support the plug-in in a timely fashion. The successful operation of your WordPress website depends on all the installed and activated plug-ins being able to work together without stepping on anyone’s toes. If you are using premium plug-ins, for which you have paid, these are probably even more critical to the operation of your website. It is not uncommon to have a plug-in update to a free plug-in get in the way of the operation of one of your premium plug-ins. Unless you are extremely confident in the compatibility of all the plug-ins you use, you should seriously consider testing them on staging site before deploying them.

There is the constant push pull when it comes to core, theme, and plug-in updates as to the frequency of application. You want to remain up to date for security purposes and possibly feature enhancements. However, the constant application of updates can be disruptive to your website.

During the onboarding process, we will work with you to determine the frequency of update application.

WordPress Database Optimization

This is as important to your WordPress site as regularly changing the oil in your car. Things just run smoother. There is also the issue of the cost of the interruption if you don’t. What can happen if you don’t? That will happen.

Get rid of the trash

Over time, your WordPress database will become clogged with the addition, removal and, moving of data and images. Every time you make a change, revisions are created. This adds a tremendous amount of rarely used data that slows access, effecting your page load speed as well as a slow dashboard. I recently checked a new install with only 6 pages, but over 300 revisions in the database. Don’t let this happen to you.

Country Blocking

If you don’t serve a specific geographic area, blocking all traffic from that area conserves server resources as well as protecting your website from malicious activity. We see it every single day. Without the protection we provide, you will never know because you will never see it. Until it’s too late!

If you use Google AdWords for marketing, these setting can be enabled to comply with AdWords rules, while protecting access to tour website.

Country blocking will stop an attack, prevent theft of your content, or end malicious activity that originates from a specified geographic region in less than a second. We can block countries that create failed logins, a large number of page not found (404) errors and who are clearly engaging in malicious activity. This is an effective way to secure your site during an attack.

We can protect your WP site in several ways:

  • Block access to your login form
  • Block access to the rest of your WordPress site
  • Continually updated list of country to IP mappings

IP Blocking

We can quickly stop site security threats by blocking entire networks and any human or robot activity that indicates suspicious intentions based on pattern matching and IP ranges. This tool allows a wide array of IP blocking techniques. We can intelligently block WordPress website threats by giving you the ability to:

  • Block ranges of IP addresses (Think of these as networks)
  • Specific web browsers and web browser patterns
  • Referring websites
  • Any combination of the above

Staging Site

On a wire without a net?

It is very stressful to be working on anything and have no possible recovery. It’s also risky. Making changes on your live site has several challenges.

Editing live, REALLY?

First, anyone visiting the site sees those changes live, as you are making them. This can result in an incomplete page. Probably not the image you want to deliver. Has this ever happened to you? You are interrupting, say by a phone call, and then the page is left in an incomplete state while your interruption takes your attention away. If you get sidetracked by the interruption, you might forget to complete the edit.

Be ready before you edit!

Here’s another bad habit many people have using WordPress. Not having completed content prepared before beginning an edit. They are actually writing, composing, and editing on their live site. That’s just plain bad practice. If that’s your modus operandi, the addition of a staging site allows you to have a place to work safely, on any type of changes. These could be videos, images, graphics, text, layout, or any other parts of the webpage. Take as long as you need. Then move those changes to the live site when you’re ready.

We include the setup of a staging site for you to use as you see fit. The staging site can be synced to your live site before you test your changes.

There are many reasons requiring a restore.

  • Data corruption
  • Problems with your Web server
  • A site update that needs to be rolled back
  • Malicious activity by a staff member
  • Human error
  • Malware infestation
  • Server crash
  • Having multiple restore points is a great benefit.

There are three distinct segments to site restoration.

  • First is why you need to restore.
  • Second is how you can restore.
  • Third is the process for the restore

Site Restore

How important is your website?

This single point deserves very serious consideration. Clearly understand the significance of your website to your bottom line. Does your website bring in direct sales (read cash); bring in leads to feed your sales pipeline, or is it the backbone of your customer support? If it contributes directly to your bottom line, then getting the site back up is of the utmost importance.

What caused the problem? Catastrophe or …

It problem causing this issue can be a catastrophe, hardware failure, external malware infestation, data corruption, malicious activity, or human error. For any of these reasons, the site needs to be returned to a previous state. The answer to this question will determine whether the restore is simply content restore, malware removal, full WordPress restore or anything in between.

 Where do we go from here?

Answering the questions above will determine what caused the issue. This will also define the steps in the remediation process. Also, it will show where the site needs to return to when the problem did not exist. These steps are probably the most difficult portion of the task. It is necessary to determine what the problem is, what caused it, and when the problem occurred. This is one reason why the 30 days of available backups are so important. The fact that they are stored off-site decreases the probability of them being corrupted as well. It is entirely possible that the problem has gone on for more than one 24-hour period. The ability to step back to a good site is only available for the number of backups that exist.

Determining where to return.

Determining where the site needs to return to often requires review of the site at different days in the available restore points. The staging site mentioned above is invaluable in this process. Each selected day’s backup can be loaded onto the staging site and reviewed to determine its viability to restore the site, when the issue occurred.

Type of restore needed.

Next is to determine the type of restore. Is it a complete restore, a page or post level restore, an image replacement, or any other content specific issue? Each of these follows a different path to return the site to effective operation.

At this point, it is understood what went wrong, when it went wrong, and what is necessary to restore the site to effective operation.

If this crisis occurs, we will work with you to get your site back up and running. We include one restore per site per year at no additional charge. Additional restores are available at a modest price.

30 Days of Free Hosting

Donec sollicitudin molestie malesuada. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vestibulum ante ipsum primis in faucibus orci luctus et ultrices posuere cubilia