Five Essentials For Keeping Your Website Safe

Your website is critical to your business

Your website is one of the most important assets in your business. It’s vital that you keep it updated, protected and online so that you can serve your customers.

If your website is offline or suffering from problems, it’s no longer effective for your business and will lose you revenue (directly – through lost sales/visits or indirectly through word of mouth or social media posts).

In today’s modern world, there are also many other factors to be aware of. It’s common for websites to be targeted with hacking attempts. In fact, the average website will have automated attacks looking for weaknesses multiple times per day.

Are you looking after your WordPress website right now? Can you remember the last time you ran updates in the admin dashboard?

Some of you reading this will never even have logged into the back-end of your WordPress website. What you need to understand is that your website runs using software, just like your PC, Mac, laptop, tablet or mobile device. If you don’t keep that software updated, you run the risk of errors, malfunctions or in the worst cases malware infections.

Paying attention to updates, ensuring they’re carried out effectively on your website and testing afterwards does take time. It may not be time that you have available personally, but it’s a critical task as it will keep your website secure, online and visible to your target audience.

Do you have someone in-house who is suitably knowledgeable with WordPress to perform these updates? It’s okay if you don’t, no-one can blame you considering this could easily cost you $30,000+ per year to have an employee with the right skillset to be able to look after your website. But you’ll need to have a plan in place to keep your website updated and safe.

In this guide, we’ve put together five key essentials to help you set up a maintenance schedule and to keep your website secure. Taking these steps will give you peace of mind and allow you to focus on what’s important to you in your business.

1. Peace Of Mind – Don’t leave backups to chance

One of the worst things that can happen to you as a business owner is to try and access your website and find that it’s offline. Even worse though, is when you get that dreaded email from a customer who tells you that your website is down or that there is a message from Google telling them about malware.

What do you do in a situation like that? For most people, this would mean reaching out to your hosting company and being completely reliant on the ability of their support team to assist you. In most instances, they’ll be able to restore a backup of your website – but this may not have all of the latest data, especially if you regularly update your website or have transactional data like E-Commerce.

As a business owner, you need to have a disaster recovery plan. If you don’t have one already, you must take a few minutes out of your day right now and think about what you will do when something goes wrong with your website.

TIP: Make a note of key telephone numbers or contact details for your hosting company, domain provider and email provider (if separate e.g. G Suite). If you have any problems with your website, you need to have these contact details to hand easily. Don’t plan on keeping these in the same place as your emails, because it’s possible for your website and emails to be down at the same time.

The most important part of your disaster recovery plan is going to center around backups. With a full backup of your website, you can recover this to ANY hosting provider, even in the worst situations.

There are three key things you need to think about with your backup schedule:

1. Off-site Backup – For proper security and safety, your backups should be stored with an external service. For example – Amazon’s S3 platform, Google Drive or Dropbox. This mitigates against any issue where your current hosting provider is inaccessible.

2. Regular Schedule – Your backup schedule will vary depending on how often you update your website and the type of audience you serve. For the average small business WordPress website, a full backup once per week and a daily database backup would be sufficient. For E-Commerce, a daily full backup and an hourly database backup may be a much better recommendation.

3. Encrypted – For the safety of your business data, you should choose a solution that encrypts the backup of your website before storing it off-site. This keeps your data and most importantly your customer data, secure.

2. Security – Good security saves websites

As we mentioned in the introduction to this guide, good website security practices are vitally important for your business.

WordPress powers over 30% of the websites on the Internet. It’s popular and highly powerful. However, with this popularity that also means that you have to be vigilant with the security of your website.

There are thousands of plugins that add functionality to WordPress websites. Your website will have a number of these installed. These will have regular feature and security updates released. Likewise, the WordPress software itself will also have regular updates made available.

The security of your website will rest solely on your shoulders as the business owner. Your hosting company will have some security settings that help to protect your website, but these will not shield you from all of the dangers online. If something goes wrong, your hosting company may restore a backup as mentioned before, but aside from that, you’ll likely be on your own.

You need to have suitable security protection on your WordPress website. To get started with a free installation, you can install a plugin such as WordFence or iThemes Security. These both have quick start guides to help you get setup, but care should be taken to ensure that you don’t accidentally lock yourself out of your own website.

When working with third parties such as developers or designers, you should always retain full control of all password settings. This means not giving out your “master passwords” (main logins) to third parties. If anyone needs access to your website, hosting account or any other digital property, always try and make sure they have a unique login and that this can be disabled by you / your team at any time.

Security is very much a lot of common sense and a little bit of luck. No WordPress website is 100% secure, in fact, no website in the world is 100% secure. The simplest point of failure in most cases is actually a human – whether it’s via scam or a hacked device, or whether they’ve coded something poorly.

TIP: Review the last year and think about third parties that you have worked with. Did you give out a master password to any users? If you did, have you updated it since? Make a list of everything that you’ve either given out a password for and that needs updating or that you haven’t updated in the last 2-3 months. Then update these passwords using a strong password. You can use if you need help with generating a strong password.

3. Maintenance – Your website should never have a sick day

Just like your car, your website needs servicing to stay in the best condition. It’s really important that regular maintenance occurs on your WordPress website.

Without regular maintenance, you run the risk of your website being attacked, going offline through an error or not functioning correctly when future updates are applied.

You’re going to need to schedule regular maintenance time into your calendar or the calendar of your employees.

So what should you schedule? Here’s a list of 4 key items to look at:

  • WordPress Updates – New versions of WordPress are available periodically. These should be installed quite quickly, as they often contain security patches.
  • Plugin Updates – The plugins in use on your website will have regular feature and security updates available. These should be updated often, to ensure that everything is secure.
  • Theme Updates – The theme in use on your website will also have updates available periodically. Make sure you update your theme to keep your website secure.
  • Check Backups – You should check to make sure that your backups are successfully being saved to an external location on a regular basis. If you can’t see the most recent backups at your storage location, you’ll need to fix this as soon as possible. Backups are critical!

Before starting any maintenance work on your website, always make sure that you have a recent backup of your website. You need to be able to restore this if you have any issues with the updates that you are performing.

Once you’ve made any updates, you will need to test your website to ensure all is performing well. To do this, log-out of your admin dashboard and visit each of the pages on your website. If you have any contact forms, fill these in and check that you’re receiving emails successfully.

TIP: Set up a maintenance schedule for your website. You’ll want to schedule this approximately once a week and to set aside up to an hour for the work. Make sure that the user you have assigned is able to work on this regularly and to document any work completed so that you can refer back to this if you have any issues.

4. Reliability – Is your host up to scratch?

Website hosting is one of the most common digital services that you can find online. Every website needs it. Without hosting, your website would not be visible on the Internet. Unfortunately, not every website hosting company offers the same quality and service.

If your hosting currently costs you less than a cup of coffee per month, the likelihood is that you’re paying too little. Low-cost hosting is on what is known as a “shared environment”. This is when thousands of websites are all squeezed onto the same server. The benefit for the hosting company is that they can make more money from each server, but this has unfortunate downsides for your business.

When your website is on a shared hosting server you are sharing the same resources as thousands of other websites. If any of these websites stretches the resources available a little too thin or carries out an action that causes a problem on the server, your website may go offline.

Performance issues can be a major factor on a shared hosting environment. Visitors to your website will wait on average around 5 seconds before they get bored and look elsewhere. If your website loads slowly with your hosting provider, which competitor do you think they’ll go to?

Another common issue is when you host your emails and your website with the same hosting provider. With shared hosting your emails are all being sent from the same server as many thousands of other email addresses. If just one person on the server decides to start sending out a lot of spam (voluntarily or involuntarily), this can cause the IP address of the server to be blocked by email providers. What this means for you in simple terms is that you’ll find your emails not being delivered to your customers, suppliers and important recipients, which has the potential to be extremely destructive for your business. Emails should be hosted externally to your website. Check out G Suite, Office 365, or Zoho Mail for affordable email solutions.

Realistically, you should choose the best hosting that your business can afford. This is one of the most important options that you should not penny-pinch on, as a business owner. As a ballpark, the average website could be hosted very securely for around $25-30 per month online. Yes, this is more than a coffee. But what price is the cost to fix a website that has trouble on a cheap shared hosting platform? I can tell you it’s often in the hundreds of dollars.

TIP: Review how much you’re currently paying for your hosting and where you found this hosting company online. If you’re paying around the price of a large coffee or two per month, it’s quite likely that the company may not be the best option for you. Also, take a serious look at your emails. Switching to G Suite costs around $6/month per user, and it’s on one of the most reliable email platforms on the Internet – run by Google.

5. Proactive Not Reactive – Don’t wait till disaster strikes

You have two options when it comes to your WordPress website…

Do you want to be proactive, keep your website updated, being ready for any issues that might arise? Or would you prefer to be reactive and only react when there is a problem, often when it’s far too late for a quick fix?

Whilst it makes sense to try and limit outgoings, it’s far more expensive to react to disaster than it is to have proactive monitoring in place and to be able to mitigate issues as they happen.

Do you have the experience to look after your website or do you have an employee who is experienced? As we mentioned in the introduction to this guide, a typical cost for a competent WordPress individual to work in your company could be around $30,000/year. That’s not including a desk in your company and the additional facilities and payroll-related expenses.

Of course, they could work part-time – but then you’ll need to rely on them to be available for you as and when you need them. Is that possible?

If you do have the skillset to look after your own website, do you have the time to do so? It’s an hour or so each week, but if there’s an issue that needs immediate attention, this could be another 2-4 hours or more. Can you afford to take time away from key business tasks to focus on the website at these times?

If you’ve answered no to these things, don’t worry. It’s okay that you’re busy. You have a lot of important tasks to complete every day as a business owner and it’s completely understandable. It’s good that you’re busy as it means your business is doing well.

There’s a better way to look at this. Companies like ours offer WordPress Care Plans. A Care Plan is a monthly service where we look after your website, keep it updated, carry out off-site backups of your data and many other services. They’re designed to give you complete peace of mind about your business website and allow you to focus on the more important tasks that you need to, every single day.

TIP: Think about what your or your employee’s time is worth to be available for at least 4 hours each month. Also, would any training be needed for these employees to be able to carry out WordPress maintenance tasks? If the total comes to more than $50 – $100, then you’ll be financially better off looking at a WordPress Care Plan for your business.

Don’t take risks with your website

As fun as it can be to race the fuel gauge when the red light is showing on your dashboard, you should never take the same risks with your website. There is always an automated piece of software or a determined hacker who is ready to pounce and make you their latest victim.

Throughout this guide, we’ve talked about the various risks and issues that can occur with your WordPress website and how to create an action plan and a disaster recovery strategy to ensure that you can mitigate these risks.

You may not have had an issue since your website launched, you may even be one of the lucky few that have never had a website issue, but what happens when it’s your first time?

Taking some time today to start getting your plan together and to know who to contact if something goes wrong is the first step that you can take in ensuring that your website has a great future.

We’ve got a few additional emails and tips coming your way over the next few days, so please look out for these in your inbox.

In the meantime, if you have any questions, please don’t hesitate to get in touch with us.

June 7th, 2021|

Google My Business Listing

Backlinks are not what they used to be when it comes to Google My Business. Here is a little reminder of Local search ranking factors. As you can see, there is a lot to do which will impact more than netlinking to rank your Google My Business listing.

April 2nd, 2021|

Biggest Trends in Marketing

One of the biggest trends we are seeing in businesses that are not getting the sales they expect from their marketing efforts is DESPERATION.

Desperation is usually pretty obvious and follows a simple 2 step formula.

Step 1: someone posts online asking for recommendations or for businesses to share their information.

Step 2: dozens of business owners pile on with their social media accounts, websites, pages, and other links.

The success part of this equation that is missing is VALUE! If you are a service provider, then value can come in the form of providing recommendations or counsel on a particular topic. If you are a merchant of products, then value can come in the form of product experiences and customer feedback.

Going straight to the sale before even starting the conversation and neglecting to in-still value is the essence of desperation. Try getting potential customers to open up about their pain points, challenges, and current needs BEFORE you ask for a sale and you’ll find the route to sales conversion much more straight-forward.

The 2nd biggest trend we are seeing is FALSE RECIPROCATION. This can take many forms, but some of the most visible signs sound like “LIKE-for-LIKE”, “SHARE-for-SHARE”, or “FOLLOW-for-FOLLOW”.

Let me be clear, YOU DON’T NEED TO STOP, but you do need to stop expecting a mountain of sales from it. Giving support to and receiving support from other small business owners is great for your mental health as a small business owner, but trading engagement won’t replace good ol’ market research and prequalification – (1) discovering WHO your target audience is; and (2) finding ways to reach them where they are at; and (3) qualifying your audience by purchase intent; and finally (4) targeting that prequalified audience with your calls-to-action.


March 4th, 2021|

Google promises it won’t just keep tracking you after replacing cookies

March 4th, 2021|

7 Reasons Why You Must Have a Website in 2021

Are you running a business without an online presence? Wondering if you’re missing out on some golden opportunities?

The team here at BlueWaveConcepts shares the reasons why your business needs a website.

  • Your customers expect it.
  • It provides social proof.
  • You control the narrative.
  • Your competitors all have company websites.
  • Never put up the ‘closed for business’ sign again.
  • You’ll show up in Google search results.
  • Showcase your products and services.

February 22nd, 2021|

12 Fantastic SEO Benefits of Blogging

February 21st, 2021|