It is vitally important that you protect your website investment. Let’s face it, you’ve just spent good money on getting your website developed and launched, the last thing you need is for some idiot to come along and hack it and deface your masterpiece. Unfortunately website hacking is in plague proportions and is something that all website owners need to protect against.
The <SBIM> Website Maintenance Program is designed to protect your website against hacking and malware injection, ensure your website is backed up and the content management software is maintained and up to date and finally the server and website are operating at peak performance. For only $49 (Ex GST) per month you get peace of mind knowing that your website is safe and secure, your investment is protected so you can get on with running your business – not worrying about maintaining your website.
So what’s included in the <SBIM> Maintenance Program?
<SBIM> takes protecting your website seriously and have partnered with one of the worlds leading suppliers of online security and website monitoring services to bring you the latest in website security.
Our Website Security service is broken down into several smaller integrated services.
The security monitoring system continuously crawls your website attempting to identify any infected files. The scanning process accesses both internal and external records to match files against known infections. These databases are updated daily ensuring that your website is protected from the latest known threats.
The Website Monitoring services include the following:
Malware is short for “Malicious Software” which includes any type of virus, key loggers, spyware, adware, worms, trojan horses and other programs. When you consider it is estimated that there are more releases of malware than legitimate software programs then you get to understand the scale of this problem.
Our website monitoring system scans your website and identifies SPAM injections, website errors, disabled sites, database connection issues, coding anomalies and any instances of malware including:
- Cross Site Scripting (XSS)
- Website Defacements
- Hidden & Malicious iFrames
- PHP Mailers
- Phishing Attempts
- Malicious Redirects
- Backdoors (e.g., C99, R57, Webshells)
- IP Cloaking
- Social Engineering Attacks
If your site is unfortunately infected with malware and it remains undetected, you run the real risk of having your site blacklisted. This can be disastrous for your business as the likes of Google, other search engines and website anti-spam services will block access to your website and even have you removed from their search results. Blacklisting monitoring measures your website status against the major blacklisting authorities including:
- Google Safe Browsing
- Phish Tank
- McAfee Site Advisor
You may not hear of it that often, but websites are hijacked and stolen each and every day. How does this happen? It is very easy to find out what business or person owns a particular domain name. By illegally accessing your domain management details and changing them (possibly through key stroke logging and discovering your password), you can quickly and easily lose control and ownership of your own domain and therefore your website.
WHOIS is an internet directory that provides information on who owns a domain. It is regulated and monitored by the Internet Corporation for Assigned Names and Numbers (ICANN) which is responsible for registration of all domains. This record contains information about the Registrant (the person who owns the domain – you or your business), the Registrar (the entity that registered the domain), the dates, name servers and other important information. If at any time this information changes we are notified and can respond quickly.
DNS is a protocol used by computers to communicate with each other and its specific function is to turn a website’s name (yourwebsite.com.au) into an internet protocol (IP) address like 123.45.567.891. The domain name provided by DNS is how humans read your website name and the IP address is what the computers use. Simple huh? Our system monitors any changes to the DNS and notifies us immediately.
What is SSL? It stands for Secure Socket Layer, a secure protocol that enables the secure transfer of information over HTTP. You may have seen the little pad lock icon in your browser of the HTTPS protocal showing. If your website uses SSL and this will be most likely if your are gathering sensitive customer data or have e-commerce, then you will likely be using SSL which often includes your site and company information. The SSL Certification monitoring alerts us to any changes in your SSL certificate status including expiry or temporary service interruptions.
When your website has been attacked there are likely to be changes to the existing content or new content created; quite often you are the last to know about it. Our system creates a snapshot of your website content and monitors for any coding changes and notifies us so we can determine if the changes are legitimate or have been undertaken by unauthorised entry.
Our system not only monitors your website files through the HTTP fingerprinting processes above but also all files contained on your server. This feature is designed to work quickly to detect the backdoors that are causing and acting as entry points for the injected malware files.
It’s one thing to have your website monitored but it is another to be able to react immediately to the threat and minimise any potential damage. If any of the monitoring services above have been triggered, then our team is notified immediately by SMS and Email and we can spring into action at any time of the night or day.
For even further peace of mind, <SBIM> also offer you a “Hack Free Guarantee”. In the unlikely event that your site was hacked, we will fully restore and repair the site free of charge to the latest backup point before the hack took place. To ensure that the loop holes for hackers are closed, we will investigate to ensure all vulnerabilities are fixed and your site is fully secured and up to date.
Please note, the Hack Free Guarantee can only be offered on sites hosted and maintained by <SBIM>
Backing up your website it a critical element of the <SBIM> Maintenance Program. Backups may be utilised for a number of reasons. You may have experienced an accidental delete key incident or you hit Save or Update when you shouldn’t have. In these cases it is important to be able to retrieve the most recent version of your website content. Similarly if you are undertaking some design modifications and you accidentally delete a section of code or mess things up, you really want to be able to recover quickly and move on.
On a slightly higher level, you may experience a fatal server crash and you lose everything, or you get hacked and a large quantity of files are either removed or replaced – what then? Unfortunately, these sorts of things do happen. The best course of actions is to plan for it by implementing a backup routine.
At a minimum both your website MySQL database (contains all your content) is and all website files (design and functionality) are backed up daily. You may require more regular backups depending on the amount, type and frequency of your changes.
In addition to the live server backup, all of our backups are securely stored on a dedicated managed server, separate to the live server that hosts your website. Not only do we store your backups remotely on a separate server we also back up that server to a cloud service. You can never be too careful!!!
Regardless of what software platform that your website is built on (WordPress, Joomla, Drupal, Magento, Adobe, etc), your website is going to require ongoing maintenance to ensure it remains running at peak performance.
The core of these website software programs are constantly being updated with both functional and security aspects. The new functional aspects often enhance the operation of your website from both an admin and user perspective whilst the security updates fix loop holes used by hackers to access your data.
The same applies to the plugins used on your website. Plugins add functionality to your website and also require updating as new functions are added and security loop holes are closed. However, it is not just a matter of blindly updating the plugins on your website. We must ensure that all plugins are compatible with each other and no conflicts occur with the plugin updates. If conflicts occur the operation of your website can be interrupted.
To ensure this doesn’t happen we operate a test site where every single plugin that we use on all of our client’s site is loaded and functioning. This allows us to update the plugins in a safe environment, identify and fix any potential conflicts before we roll out updates across our client sites. It is imperative that your website and plugin software stays up to date with the latest stable versions of all the software to ensure peak performance and security.
One of the most annoying things for website visitors is suffering slow page load speeds. Think of your own surfing behaviour… The more time you have to wait around for the page to load the greater the chance of leaving the page and moving on. Slow page load speeds can be a major problem for websites of all shapes and sizes.
It is not only important to have a page that loads quickly for your visitors, Google now takes page load speed into consideration when calculating your rankings. After all, a fast page load speed is all about optimising the experience for your website visitor, and Google is all about “experience”.
WPO is the process in which we improve the way your website content loads. When you break it down, websites are simply collections of apps, widgets and scripts that include things like rotating images, Facebook and Twitter Feeds, analytic tracking and ad network code and the list goes on. WPO ensures these resources load quickly.
On average our optimised pages will:
- load twice as fast
- use 60% less bandwidth
- have 65% fewer requests
Unfortunately every browser works a little differently (the curse of the website developer). Our system automatically adjusts the way your content is delivered to the various browsers based on the particular device accessing your site so to increase speed without changing how your site looks or any of its features.
If you think about it, making a website half as big is the same as making the network twice as fast. Our performance system compresses the size of all your files and delivers them compressed to the browser. It also uses local storage on all browsers and mobile devices to intelligently cache the objects necessary to best render your site whilst automatically adjusting the cache header instructions so browsers will correctly cache the resources of your site to minimise the need for new requests. Clever hey!
You website is going to be accessed on many devices from desk top computers to smartphones to tablets. Our system will automatically detect the type of browser your visitor is using and deliver your content in a way that optimizes the performance for that particular platform. Your pages will look exactly the same as they did before, including the mobile version, and structured in an optimized way for that platform. What this means is that your website will be fast on both computers and all mobile devices.
If you rely on traffic from outside of Australia and from around the world then using our Content Delivery Network (CDN) will further enhance your user’s experience. A CDN takes your optimised static website content and stores a copy closer to your global visitors within datacenters around the world. By moving the content closer, it takes less time to access the resources which means the page loads faster. Cool…