WordPress Site Owners – Ignore This at Your Peril!
This is a very long page, but it contains extremely important
information if you have any WordPress websites.
Watch the video below for the shorter story it contains extra info you need to know too…
Over the past few years, more and more people have either translated their websites to run on the WordPress framework, or have started new sites that do so.
I recently noticed that even the Rolling Stones are now on WordPress! During a WordPress development webinar I attended a short while ago, the expert told us that something around 20% of all websites are now on WordPress.
This popularity is great news because it means that WordPress is maturing, developing further and becoming better all the time.
The downside of it’s popularity, is that it has become a serious target for hackers who are actively on the lookout for ways to penetrate WordPress’s built in defences and infiltrate unprotected sites.
Knowing this, the WordPress development team monitor attack attempts, and frequently releases updated versions of WordPress to plug any holes that are discovered. Often, plugins that are used to provide specific functionality within WordPress also require updates – either for improvements or to stay compatible with any new code. Fortunately, in most cases updating sites to take advantage of enhancements (and reduce the danger of attack) are quick and trouble free.
As I have become more proficient at solving problems and customizing people’s websites, I’ve been exposed to a wide range of sites and I’ve come to understand WordPress intimately. Nowadays, a huge part of the work I do revolves around WordPress installations – whether developing a completely new site, assisting in a site migration, setting up a new membership site, or merely introducing intricate customization.
I’ve worked on a lot of diverse sites from individual hobby sites, to large organizations; scattered over five continents.
Here’s the point of all this:
None of the WordPress sites older than a few months that I’ve been hired to work on have, in my opinion, been sufficiently maintained to deter a hacker of just average ability.
In most cases, the WordPress installation’s core files have not been updated since the site was handed over by the developer.
This makes sites very susceptible to infection or attack. Just because you don’t notice anything odd doesn’t mean that your site is clean!
I don’t mean to scare you…and it really isn’t your fault…but you need to know this if you depend on your site and expect it to be online and functioning properly!
As an absolute minimum, your sites should run on the latest version of WordPress, and any plugins that you use.
Another thing that every WordPress website owner must do, is ensure that you have regular periodic backups available in case disaster strikes. For WordPress sites, you cannot rely on your web host’s daily backups – they won’t help you. You need a backup that includes both the site files and the database.
You need a backup that can be used to restore your site in a matter of minutes.
I’ve recently been learning more about WordPress security, and have invested in some tools to help improve both security and performance, way beyond the measures built into WordPress.
Some key things you need to do (or have done):
- Update WordPress and all your plugins – and keep them up-to-date
- As far as possible, use a relatively new (or actively maintained) theme
- Remove any inactive or obsolete plugins and themes
- Use strong admin passwords
- Take other steps to make hacking more of a chore
Keeping track of what is happening with all this stuff can be a pain; and anyway, do you really want to become a tech person?
Thinking about all this, having helped clients recover from disasters, and knowing that many of you don’t have the time or inclination to take care of these things, I looked around online to see whether there was any WordPress maintenance service I could investigate and recommend to you. I found sites offering services ranging from $10 per month (for very basic help) to over $300 per month.
The cheaper ones aren’t even worth their low fee; the more pricey ones are more than most people need. Coming away unimpressed with what I found, I began playing around with ideas to provide an affordable value-added service to take care of all this stuff for you.
Let me be clear, I’m not a WordPress security expert, but I if you’ve read this far, I am probably more plugged into what is happening in this area than you are, and I’m interested in your site’s good health.
For now, I’m only offering just one option.
This Basic Plan includes:
- Update your WordPress installation and plugins monthly
- Update themes (if necessary, may require additional cost if replacement is necessary)
- Add or Change WordPress Authentication (SALT) Keys when you register (should be done periodically)
- Optimize WordPress database monthly to remove bloated, unnecessary data and improve site speed and performance
- Advise on good or improved admin passwords
- Install a Security plugin and advise on changes you can make to improve security
- Provide tools to optimize your site for SEO purposes
- Create weekly database and monthly full site backups (sent to you, or stored remotely as arranged)
- Access to WordPress related video tutorials (not many yet, but they will grow) – tell us what you’d like to learn!
- 30 minutes troubleshooting/support/ per month if necessary – this is non-cumulative time, additional work billed at $70/hour
All this for $39.95 per site, per month.
No contract, you can leave anytime you wish. If you have more than one site, there are discount for multiple sites too.
Please contact us if you are interested in our Serious Plan for more security at $85 per month.
I’ve inspected a lot of the other offerings out there, and built this one to be wide-ranging, while staying competitive.
…And remember, of course, that I am a hard-core developer/coder with skills that go a lot further than simple WordPress maintenance.
Although unlikely, should anything go wrong with your site, I’m prepared to utilize all my skills to get you back up-and-running as quickly as I can!
So, what to do?
Click Here to sign up for our this new WordPress Maintenance Plan
I would seriously like to help you, so if there are any questions of uncertainties that are holding you back from taking this step, please contact me and I’ll do my best to clarify things for you.
I urge you to be proactive and take this step to protect your site without delay.