Site Maintenance and Security

Site Maintenance and Security.  All software needs maintaining whether it’s an operating system, a desktop application or your website.  Exactly the same applies (even more so) to your digital shop front, the gateway to the world wide web.

You may wonder why you need to apply a patch when your CMS system seems to be working fine?  You do if you want to keep it this way.

THE RISK
The risks of not having site maintenance and security plan. By not routinely applying a patch/security update to either the Drupal/Wordpress core – or one of the contributing modules/plugins – you risk exposing your digital brand by leaving ‘the back door’ open for malware, malicious code or SQL injection. In doing so, you’re vulnerable to all or one of the following:

• You might well be allowing unauthorised access and control of your system.
• Exposing your data to unsolicited sources.
• Adversely affecting your site speed/performance with a detrimental knock-on effect on your coveted SEO.

In short, you may just as well be leaving your keys in your brand new car while parked in a bad neighbourhood.  This is why site maintenance and security is so important!

SECURITY PATCHES

The timeframe between identifying a security exploit being identified to when a security patch can be released is continually getting shorter.

The same applies to hackers who get wind of these publicised vulnerabilities and write code accordingly. Whether or not the intent is malicious, or simply out of curiosity, the point is that it’s like a cat playing with a mouse; they do it simply because they can.

For CMS systems or any of their contributing modules, there’s no specific regularity for the release of security patches. Usually, as vulnerabilities are exposed, new patches are released on within a few days.

OFF SERVER BACKUPS

The latest backups of the file system and database should be stored OFF SERVER, backups should be performed EVERY time there is a change to the site code.

ALERTS

Within Google Analytics, it is possible to set alerts to monitor spikes drops in traffic, ensuring that you are notified when/if there is a problem.

IF A SITE GOES DOWN HOW CAN IT EFFECT MY SEO?

The following illustration highlights the organic drop in daily Google impressions for a small business in Hampshire, following 4 days of a system being down and unnoticed.

At an average CTR of 2.5% on keywords worth on around £2.00 per click, the loss of value to the business is calculated as follows.

Previous traffic (before the crash) 

• 1200 (impressions) / 100 x 2.5 = 31.25 average clicks from search
• 31.25 x £2.00 = £62.50 daily value of these organic clicks
• £62.50 x 28 days =  £1750 per month

With a loss of trust from Google it has taken the client 3 months to return to these average daily impressions (3 x £1750 = £5250).

These figures do not account for consultancy fees for fixing the hack, SEO services or for the loss of potential sales.

In conclusion, it is important to have some type of alert set up for web monitoring!

PREVENTION IS THE CURE

As a site owner/manager, it is vital for you to be aware of your site version, the modules/plugins in use and consequently for you (or a trusted partner) to be able to track, test and implement security patches as soon as humanly possible.

We offer a Site Maintenance and Security package of one hour a month to ensure, that off-site backups, security patches and testing are performed.  For restoring a single point of contact which can be implemented within a few hours.   In any time remaining, within that contracted hour we target needed improvements to your site infrastructure ensuring that you get the best value for your Site Maintenance and Security expenditure.