I’m updating this post because I want potential clients to understand the downside of using their “usual” hosting company. They often offer you cheap hosting to continue and that seems like a good deal. Here’s the problem: I’ve just built two websites where I honored their preference.
So what happened? The host’s interface was clunky and error prone. So, I spent 4-6 hours on chat or tickets with customer service. The SSL certificate wasn’t “one-click;” they said they took care of something, but they didn’t. They couldn’t perform the simple task to point the website from the “staging” site to the client’s actual address despite the fact that their Control Panel didn’t allow me to perform that task myself. Bottom line: The client ended up paying another 4-5 hours on their invoice; any savings evaporated. Plus, what is normally a joy to me (building websites) becomes an interminable slog.
Unfortunately, most small, reliable hosting companies are getting swallowed up by the big guys. These boutique companies start out with great service and tiny monthly fees. Then, they get bought out, enter into greedy price wars, and things start to fall apart. And please don’t tell me you’re being hosted by GoDaddy. While they once trained their customer service people, they’ve all been converted to up-selling salespeople who have no idea how to perform simple requests.
So, based upon discussions with local experts and extensive experience working with various hosting companies, these are my recommendations:
Want cheap but solid hosting? Their StartUp Managed WordPress plan is $6.99 per month for the first year. After that, it will be $15 per month. I often recommend WordPress “Grow Big,” $9.99 per month, because it includes email hosting free additional sites.
Flywheel hosting features fast load times and nightly backups. Their “tiny” plan offers 5gb storage and free SSL for $15 per month and is ideal for small, simple installs. They were bought out last year by WPEngine but, hopefully, they will honor these monthly prices going forward. Runs latest version of PHP.
Do you mean business with your site? wpEngine costs a bit more but may be worth the expense with superb customer support, built for WordPress clients. They recently reduced startup plan to $25 per month, which should be fine for most clients. Read about their superior security below. Includes 24/7 support and free automated migrations. Daily backups? Of course
This info is Reprinted from the The WP Engine Affiliate Team
Say Goodnight To The Bad Guys
Protecting your website from DDoS attacks and data breaches has never been more important
We’ve all heard the famous quote from former CEO and executive chairman of Cisco Systems, John Chambers, “There are two types of companies: those that have been hacked, and those who don’t know they have been hacked.”
Just skim the headlines on any given day and you’ll see why. Security breaches, ransomware attacks and malware attempts continue to compromise businesses’ mission-critical data at an alarming rate.
Unfortunately, this trend isn’t showing any signs of letting up. According to a recent report from Positive Technologies, cyber attacks increased by more than 30 percent between the first quarters of 2017 and 2018, and the use of malware in those attacks has grown by 75 percent since the start of 2017. Additional nefarious methods, such as DDoS attacks and SQL injections continue to wreak havoc across the globe. The question for most organizations isn’t IF they are going to be breached, but how they can isolate and mitigate the threat.
While the threats—and the horror stories to back them up—abound, taking action, and finding the right cybersecurity solutions to fit your specific needs, can be more elusive.
Every business is different, as is the data they collect and store, and methods that work well to harden the security posture of one organization may not work at all for another. However, when it comes to securing websites, and WordPress sites in particular, there are some options that rise to the top of the list.
Many organizations begin their search for security solutions with their WordPress hosting provider. These third-party providers offer various levels of service, and many of them include basic processes for securing their customers’ WordPress sites. At the most fundamental level, this should include the management of updates to WordPress core— a key step that can drastically improve the security of almost any WordPress site. Other providers may have added controls in place that encourage strong passwords and limit user permissions.
Other security options many businesses take advantage of are the wide array of security and antivirus plugins that have been made available for WordPress. Plugins such as Akismet or Bulletproof Security have been successfully employed by many businesses looking to harden their WordPress sites against comment spam or malware. However, some plugins may not be suitable for websites with a high volume of traffic while others will charge a fee for unlocking premium features.
Some businesses rely on a combination of the above options for securing their WordPress sites and then augment their security posture with additional preventative measures. One such safeguard is enabling a web application firewall (WAF), which blocks malicious traffic before it reaches its intended target. Other precautions include adding encryption to a site or disabling directory indexing and browsing, which makes it more difficult for bad actors to discover exploitable vulnerabilities.
While the options for securing website are numerous, one thing is certain—combining multiple layers of security is among the best ways to stay safe in today’s world of constantly-evolving cyber threats.
It’s this premise that has put in motion various solutions for website owners to isolate and mitigate threats including the recently announced Global Edge Security, an enterprise-grade cyber defense solution built specifically by WP Engine and Cloudflare to secure WordPress sites from a laundry list of malicious attacks.
Global Edge Security integrates WP Engine’s platform, which powers the WordPress sites of more than 80,000 global customers, with Cloudflare’s managed web application firewall (WAF), advanced distributed denial of service (DDoS) mitigation, SSL/TLS encryption, and content delivery network (CDN) across a global edge network spanning more than 70 countries to deliver secure, scalable digital experiences.
The solution was created as a cloud-first, high performance, advanced security solution built on Cloudflare’s intelligent network, and it provides the best security protection against top Open Web Application Security Project (OWASP) security vulnerabilities, nefarious acts and DDoS attacks that threaten digital businesses with catastrophic damage.
By packaging these components together into a single solution, WordPress users now have a simplified approach to securing their websites. This also makes it easier for you to protect your most valuable digital assets—the customer experience, their trust in your brand and your revenue—with enterprise-level security intelligence built on the combined experience and expertise of WP Engine and Cloudflare.
Businesses that neglect or fail to secure their digital experiences leave themselves vulnerable to attack and will inevitably experience a negative impact on revenue, end-user engagement, brand reputation and customer churn. Taking the first step and prioritizing security is crucial, and while no security plan can prevent every single one of today’s cyber threats, securing your site against the most common types of attacks is a huge step in the right direction.