Protecting your site
Web Security is built-in, not an afterthought
When we build your website, we take into consideration every facet of the platform, so it’s extendable, robust, and focused on performance. Security and maintenance are at its base, not an afterthought.
Prevention
Security begins with a hardening process. When we build your site, we lock down file permissions and access rights, addressing the ways hackers get into a site. Running Open Source platforms like WordPress require maintenance and vigilance, and we make improvements continually.
Multiple levels of protection, alert mechanisms, industry best practices and continual maintenance keep your site up and running.
After your site goes live, we manage a suite of security plugins that protect you from brute-force attacks, malware, and malicious code. These range from free plug-ins to paid versions, which we suggest, relative to your needs.
Two Levels of Protection
It’s important to note that there are two levels of common protection we offer. At the Server level, we rely on our web hosts to offer protections and cures, in the event of an issue.
Often, it’s on the web developer to actually set up these services, and if the client does not specify a need, these simple protections are not put in place. It takes time and effort to perform and manage these services. Make sure it’s getting done for your site.
The second is the Admin level. That’s where we use the platform to ensure we’ve enabled security plugins and backup when we build your site and then maintain it.
We manage this in monthly maintenance fees and encourage you to be aware of the need and level of service you are receiving. This is where most relationships between a web developer and the client break apart.
Backup and Recovery
Site backup and recovery is another subject to discuss. If a site is hacked, we have several options to correct and the most important question is, how quickly can we restore your site.
The first option is to correct the issue. This can be time intensive. The tools we use can be upgraded to their paid versions, when and if they are needed. Other clients run paid versions from the moment they’re launched.
The second option is to restore a previous backup to your site. We recommend a backup schedule that sets how often we create a backup point and how long we keep them. After a restoration, we still need to be vigilant and scan for file changes and intrusion.
The third option is a site rebuild. This might sound like a lot of work, but often, it’s the simplest solution. We can recreate an existing site rather quickly and implement stronger protections from the start.
Upgrades
Many security plugins require a paid upgrade for additional features and performance.
JetPack – Improve your WP security with powerful one-click tools like backup, WAF, and malware scan. Includes free tools like stats, CDN and social sharing. By Automattic, the team who brought us WordPress.
Note: Our upgraded web hosting includes CDN, Daily Backup, and Object Caching for superior performance.
SolidWP – Reduce your WordPress website’s risk to nearly zero with Solid Security. Password, Two Factor Authentication, and Brute Force Protection.
Sucuri – Clean and Protect Your Website Fast. Restore your peace of mind by securing your websites with our cloud-based website security platform and experienced security analysts. Features include site auditing, malware scanner, security hardening, and hack restoration. Recently acquired by GoDaddy.
Wordfence – Make security a priority with Wordfence. Firewall, Malware Scanner, Two Factor Authentication and Comprehensive Security Features, powered by our 24 hour team. We’ve used Wordfence to secure and monitor our sites for over 10 years.
Updraft Plus – Backup and Restore, Migrate site to a new host, clone sites, save them somewhere else, and more. Updraft Plus is the World’s Most Trusted WordPress Backup and Migration Plugin. And they have a great caching plugin.
Next Step
Contact us, Schedule a Call, Get a Quote