With so many things to consider, managing a website can be confusing and expensive. Everyone is saying security is important, but how important? Should you use plugins? Is the server most important? What about changing passwords? Then there’s all of those spam comments you’ve been getting…and is your website running slow? Maybe just sometimes. Are you keeping regular back ups? Isn’t that only important if you’re working on the site a lot or have tons of users?
The truth is, these things don’t have to be overwhelming or expensive. Psycray handles websites every day, and we’re familiar with best practices and expectations.
Out of the box, WordPress lacks security features that are expected on the modern web. A few of these things include:
- WordPress has a standard “admin” and password that are easy to guess/hack
- There’s no included trackback/pingback protection (this is basically linking your content to another, unauthorized site’s content – which can cause analytics problems & alert hackers to your update habits)
- The .htaccess file, which configures directory access to your site, is not in a hidden or protected location
- By default, users can attempt to login as your admin users as many times as they want – without ever being locked out, which means they get infinite guesses to access your information
- Database prefixes always default to wp_ – which can be problemating concerning SQL injections or other methods of hacking
Updates can sometimes be more stressful than we would hope. Even on WordPress, where updates and content are meant to be incredibly user friendly – sometimes it happens that you update a plugin or WordPress core and your website appears broken. As a result, many WordPress sites don’t get regularly updated – which gives it a bad rap for having security problems.
We offer managed updates that:
- Run automatically, on your preferred schedule
- Perform before & after screenshots to ensure there are no changes – however minor.
- Perform performance scans to ensure that updates didn’t cause speed or security issues
- Send reports detailing any outlying security issues, success rate of updates, performance concerns and backup details
Many web hosts do not provide any isolated backups by default – and often, back-up plans can be very costly. Occasionally, even high-end hosts like AWS default to a backup scheme that simply uses a directory back-up, where it versions the files, but they are on the same disk. In all of these scenarios, your data is highly vulnerable to hardware failure, hacking and many other disasters. Having an off-site backup is the only guaranteed way to ensure your content can be restored quickly in the event of disaster. We offer our customers regular off-site backups, with automatic reports so you can rest assured that your data backups are being kept safe and current.