Security Features & Why You Should Have Us Host and Manage Your Website:
After you have us build the website, we recommend that you then have us host it for you. It’s important to know that there are several new land mines that come with hosting with some of the major hosting companies.
The first land mine is a scam that is happening with some of the best known web hosts. Rather than name them here in text, I am going to show you images from stories that explain this. It’s important to understand that if that company decides you have “malware” you’re going to have your website suspended, your corporate email suspended (if you have it on the server – which you should never do), your WordPress backend suspended and your web host backend suspended. If your “backups” are on that server, they will also not let you access those on the server. You may even be paying them a premium fee to be doing those backups. You will not be able to download ANY of your files. Even though the fix for “malware” on a WordPress site typically takes five or ten minutes in 99% of the cases, they won’t give you that opportunity. If you don’t pay the fee, they simply “destroy” the all files and databases associated with the website. They know that if you need the website, you will pay.
We don’t own servers. We use either SiteGround or WPMU. Which of the two depends on a couple of different factors we can explain fully in our proposal to you. We use these because both are dedicated to not scamming anyone. Better than that, they fully update the servers at all times. All versions of the software are absolutely up to date. They know WordPress and they know how to protect your website.
Whether we host it for you on either of these hosts or you directly host with one of these companies, we further secure your website by setting up 2-step logins for both your server account and your WordPress login. We move your login to a non-standard link so that denial of service attack attempts will be thrwarted by more than 99%.
We will convert your site to SSL with a current certificate. This makes your browser show the “lock” in the address bar along with “https” replacing “http.”
If you run a medical, dental or ask clients or potential customers to upload personal information or forms, we can further secure the website with a better SSL certificate that will then show the browser with a green background behind the lock. This will then show your company name when web visitors click on the lock or the https in the browser.
With email, we can help you set it up. We always recommend setting email up with either Microsoft 360 or Google Suite (formerly Google Apps). These allow you to use either the iPhone/Android apps for Microsoft Outlook or Gmail. These also allow you to get to email on any web browser or using an email client like Outlook. Both work with Outlook. Both offer all the features you expect, like calendar, appointments, tasks and notes. The rule of thumb here is which “eco-system” you prefer. If you are used to using Outlook in business, go with Microsoft 360. If you are in the Google Gmail system, go with Google Suite.
Forms on the website are sent from your web domain. It’s important to further integrate your email settings in the DNS system with your domain.
CloudFlare is free, unless you want some of their premium services. You don’t need any, really. CloudFlare hides your IP address and leaves those that would attack your website clueless about where it is hosted. The biggest benefit is that CloudFlare makes your website available quickly anywhere in the world. I personally had issues before CloudFlare existed getting a Dallas area server to serve all over the United States and Canada without delays in distant areas. Nobody remembers how slow European websites used to load. With CloudFlare, the internet is quick for all.
The Biggest Security Benefit We Offer:
We don’t use plugins and scripts from dubious third parties. We either use fully legitmate plugins, or we create the functionality ourselves. Most WordPress Plugins offered for free may do great things, buy they are usually written by someone in the second or third world. Usually they start out “clean” but then after a year or two, someone pays the publisher to insert code. This is the start of “malware” on your website, and you don’t even realize that you brought it on by trusting a free plugin written by someone from Easter Europe.
We know how to get around this. I trust any plugin from WPMU or Elementor. Beyond that, I trust no one.