Do You Need a Website Maintenance Plan?
The How and Why of the Website Maintenance Question
There are tens of millions websites on the internet today that are constructed using a Content Management System (CMS) of some sort. Joomla, Wordpress, Drupal and proprietary systems like Wix, SquareSpace are all examples of a CMS. These systems require regular maintenance for several reasons. Keeping the core software as well as any installed plugins and extensions up to date is critically important for the integrity of these platforms. If your website is constructed using one of these popular platforms, it would be very wise to consider some type of service or maintenance plan. (Wix, SquareSpace and others maintain their own software).
Why Should You Update Your Website?
A lot of work has gone into your new website design. Everything should be brand new and up to date. But what happens if there are updates to the software for your CMS or plugins and extensinos? These should be updated on a regular basis for more reasons than one.
Updates for Security
The single largest reason these platforms and software need maintenance or service on a regular basis is security. Hackers are constantly seeking, and finding, ways to infiltrate a website to perform their nefarious deeds. These “deeds” cover a wide variety of motives, none of which benefit you, your website, and most importantly, your visitors.
Types of Security Issues
The kinds of security breaches and hacking that can befall your website varies greatly. Here is a list of some common tactics:
- Viruses and malicious code
- UI Redress
- Cookie Theft
- Denial of Service (DoS\DDoS)
- DNS spoofing/li>
- SQL injection
- Keylogger injection
- Non-targeted website hack
- Brute force
The results of these attacks also vary. They can include (but are not limited) to:
- Malware - the installation of malware, viruses and spyware onto your website that infects users’ computers and devices, often with disastrous results
- Redirects - the process of redirecting your visitor to another website, very often a less than scrutable destination such as gambling sites, porn sites and others
- Link Embedding - the process of adding links to your website that lead to other websites for a variety of reasons, or download Malware onto your visitors’ computers or devices
- Identity Theft - if your website visitors are submitting information via forms and fields, the information can be hijacked and stolen
- Direct Denial of Service (DDoS) - this is an attempt to entirely shut down your website by virtue of an incredibly large volume of traffic to your website that it cannot handle and, consequently, shuts down
- Deleted or Stolen Data - SQL Injections can often infiltrate your admin area or server and delete our steal data from your database
(This article does not attempt cover every possible hacking scenario but merely covers that basics to impress upon you the need to constantly monitor your website for updates. You have a responsibility as a website owner to protect not only your website, but more importantly, your visitors!)
To get an idea of just how prolific website hacking has become, consider the graph below.
- Infected Websites Platform Distribution 2018*
- WordPress: 90%
- Magento: 4.6%
- Joomla: 4.3%
- Drupal: 3.7%
- Modx: 0.9%
- PrestaShop: 0.6%
- OpenCart: 0.4%
- Others: 0.7%
*2018 Statistics from Sucuri after it analyzed over 33,592 hacking cleanup requests
To be fair, WordPress has the largest share of websites using their content management system on the internet to date. Many would argue it stand to reason that due to the sheer number of websites using Wordpress, the number of hacked websites will also increase.
Updates for Bugs and Conflicts
Developers of plugins and extensions will often provide updates to their software when a known bug or issue is discovered. These bugs or conflicts may come to light after release and implementation in the market. Users are usually the ones to find the issues and report them.
Quality developers will always test and retest their software in an effort to find these bugs before they are released. But try as they might, they aren’t always able to catch every possible issue or conflict so an update after a release is not an uncommon occurrence. Therefore an update will be released. Developers may also publish a ChangeLog that chronologically lists all the updates and their reasons for the update.
These known updates should be immediately installed on your system to ensure that your users are getting the best experience possible without issues due to extensions that have not been updated.
Updates for Features
Updates are a regular occurrence as new features are constantly being introduced. The greatest feature of these content management systems is the ability for a non-programmer or non-HTML person to provide website design without necessarily knowing how to code. The functionality available in these systems is such that a non-coder can provide blogging capabilities, image slide shows, galleries, accordion effects, page layout and other features that would take a great deal of programming and money to implement in a static website design. This speaks loudly to the popularity of these systems.
These features are constantly being updated and added to in an effort to keep up with the Jones’. There are a great number of developers out there creating plugins and extensions that extend the functionality of a website. Competition is fierce and they are all vying for your attention or the attention of your developer. With that said it is wise for a developer to regularly update the features of the extension in order to deliver more reasons to use their software.
While these updates are not necessarily critical to maintain on your website, they are often paired with other updates that may include security and / or bug fixes. So it is best practice to keep them up to date.
Other Benefits to Maintenance Plans
Aside from all the security issues and software updates, a website maintenance plan can also include additional services to keep your website running smoothly. Your website will be monitored closely for missing images, broken links, 404 errors, uptime, analytics and other common issues. Do you have a CMS that members of your organization have access to? Perhaps a mishap occurred during one of your blog updates. A quick call to your service provider can help fix most issues and offer advice on how to prevent further issues from occurring.
Backup Your Website Regularly
Keeping your website software up to date is a great effort in thwarting the attempts of would-be hackers. But now that you have accomplished this task, and are hopefully doing so on a regular basis, now what? Backup! Backup! Backup!
It is a very common misconception that if you backup your website you are done. While it is a great practice, it is far from complete. Keeping your backups on the same server as your website is tantamount to the fox guarding the hen house. If the web host that hosts your website, or the server in which it is store is ever compromised, your back-ups are now at risk.
Store Backups Off-Site
In days of old, backups were copied to disks and then stored in either a safe, or taken home or to another facility. This made perfect sense when considering the possibilities of losing these disks due to fire or natural disaster or theft of a business’ establishment. The same concept is considered best practice today. Albeit in a different fashion.
Make sure you store all of your backups in an off-site location. In today’s world this often means a cloud solution. DropBox, Amazon, Google Drive and other services provide space to store a great deal of data. These service providers not only offer vast amounts of disk space, but security measures that the average website owner can only dream of.
How Much Does Website Maintenance Cost?
Prices will vary greatly for website care and maintenance. This can depend greatly upon the size and complexity of the website, as well as the providers of this service. But suffice it to say, you can enter into an agreement with your website designer to maintain the website and keep things backed up and up to date for very little when considering the alternatives. Agreements can also include changes to your website in the form of hours allotted monthly.
Check with your website design company and discuss the measures that can be taken to help ensure your website remains secure and updated. Bear in mind that there are no silver bullets when it comes to website security, but there is much that can be done to help prevent hacking of your content management system. Failing to prepare is preparing to fail.
Have questions? Contact us today!