In today’s world, having a website for your business is essential. Whether you are a hip coffee shop that caters to the young on-the-go workforce or a local keysmith that has been in business 100 years and the whole town knows your name, you need a website. You need a place to list your services, a place to communicate with your current and future clients, your own digital storefront in cyberspace. Just like your real-world storefront, you need to protect your website from security issues and downtime. Think of it like you have posted hours of 8 AM – 8 PM every day, but the front door is locked (or worse yet the door is on fire). Below I will go into brief detail with tips on how to keep your site running smoothly and safely (and how we at Webolutions help to manage this for you because one less thing to worry about is always nice).
CMS and Plugin Updates:
Most websites today are built using a Content Management System (CMS). WordPress is easily the most common (powering at least 25% of all websites) but you may have also heard of Joomla, Drupal, and Magento. Regardless of the CMS that you use, the group that created it are constantly improving it through new features, bug fixes, and most importantly, security patches. It is of vital importance that if you are managing the security for your website that you login and perform the suggested updates at least monthly (ideally weekly). When a new exploit is detected, teams work fast to implement a fix but until you update your site, you will be vulnerable.
This same principle applies to 3rd party plugins that many CMS’ use. These add-ons can enhance a site but you must be careful to choose plugins from authors who are in it for the long haul. A recent example of this in the WordPress world is a plugin known as Post SMTP. This plugin allowed administrators to configure what email server a WordPress site would use when sending a message through the site. This is a super helpful plugin that a lot of admins use (myself included) but the original author stopped updating it a few years ago. It continued to work correctly, however, a recent security hole was found that was too major to ignore. Luckily, a developer in the community took it upon themselves to update and maintain the plugin.
The short answer here is: Keep your site up to date. If you are a Webolutions client, we perform these updates for you automatically and critical updates are pushed out within a few days of being reported.
Daily and On-Demand Backups:
Going hand in hand with keeping your site up to date is having a process in place for disaster recovery. If the worst should happen, your provider should be making a daily backup of your entire site (files and database) and storing that off-site, preferably in a redundant cloud solution such as Amazon S3). This system should also allow you to make on-demand backups. The purpose of this is for when you update your CMS and plugins, if something breaks, you can easily roll it back to when everything was functioning correctly. This gives you time to identify the issue with that particular update instead of scrambling to figure out how to get your site back up.
At Webolutions, our sites are automatically backed up daily and before any CMS/plugin updates are performed, an on-demand backup is taken. In general, we try to process updates during off-peak hours. That way, in the event there is a glitch, we can restore from the backup quickly and with as little impact as possible.
More Tips Next Month:
I’ll be back next month with more tips on how to keep your site running smoothly and securely. In the meantime, if you are looking for help in maintaining the security of your site, please reach out to us at 303-300-2640 or use the contact form on our site.