Unfortunately, most small, reliable hosting companies are getting swallowed up by the big guys. These boutique companies start out with great service and tiny monthly fees. Then they get bought out, enter into greedy price wars, and things start to fall apart.

A colleague called to tell me that a client of hers lost their entire WordPress site when A Small Orange Hosting went down and the website couldn’t be restored. The idea of losing months worth of work gave me a stomachache and is still gnawing away at me.

I guess the bottom line is this: Forget about cheap hosting unless you can afford to lose your website and don’t mind starting over from scratch. People roll their eyes at me when I suggest WPengine at $39 per month. Yet it starts to sound like a very good deal when you realize they backup their client’s sites every 24 hours so, whether their servers are struck by tornados or vicious hackers, you can easily restore when bad things happen.

So, based upon discussions with local experts and extensive experience working with various hosting companies, these are my recommendations:


 

Flywheel hosting is a new player who is tuned for WordPress, features fast load times and nightly backups.  For a “tiny” site it’s only $14 per month and includes free SSL with 5GB disk space.

Do you mean business with your site? wpEngine costs a bit more but worth the expense with superb customer support, built for WordPress clients. The $39 personal plan should be fine for most clients. Read about their superior security below.


This info is Reprinted from the The WP Engine Affiliate Team

Say Goodnight To The Bad Guys

Protecting your website from DDoS attacks and data breaches has never been more important

We’ve all heard the famous quote from former CEO and executive chairman of Cisco Systems, John Chambers, “There are two types of companies: those that have been hacked, and those who don’t know they have been hacked.”

Just skim the headlines on any given day and you’ll see why. Security breaches, ransomware attacks and malware attempts continue to compromise businesses’ mission-critical data at an alarming rate.

Unfortunately, this trend isn’t showing any signs of letting up. According to a recent report from Positive Technologies, cyber attacks increased by more than 30 percent between the first quarters of 2017 and 2018, and the use of malware in those attacks has grown by 75 percent since the start of 2017. Additional nefarious methods, such as DDoS attacks and SQL injections continue to wreak havoc across the globe. The question for most organizations isn’t IF they are going to be breached, but how they can isolate and mitigate the threat.

While the threats—and the horror stories to back them up—abound, taking action, and finding the right cybersecurity solutions to fit your specific needs, can be more elusive.

Every business is different, as is the data they collect and store, and methods that work well to harden the security posture of one organization may not work at all for another. However, when it comes to securing websites, and WordPress sites in particular, there are some options that rise to the top of the list.

Many organizations begin their search for security solutions with their WordPress hosting provider. These third-party providers offer various levels of service, and many of them include basic processes for securing their customers’ WordPress sites. At the most fundamental level, this should include the management of updates to WordPress core— a key step that can drastically improve the security of almost any WordPress site. Other providers may have added controls in place that encourage strong passwords and limit user permissions.

Other security options many businesses take advantage of are the wide array of security and antivirus plugins that have been made available for WordPress. Plugins such as Akismet or Bulletproof Security have been successfully employed by many businesses looking to harden their WordPress sites against comment spam or malware. However, some plugins may not be suitable for websites with a high volume of traffic while others will charge a fee for unlocking premium features.

Some businesses rely on a combination of the above options for securing their WordPress sites and then augment their security posture with additional preventative measures. One such safeguard is enabling a web application firewall (WAF), which blocks malicious traffic before it reaches its intended target. Other precautions include adding encryption to a site or disabling directory indexing and browsing, which makes it more difficult for bad actors to discover exploitable vulnerabilities.

While the options for securing website are numerous, one thing is certain—combining multiple layers of security is among the best ways to stay safe in today’s world of constantly-evolving cyber threats.

It’s this premise that has put in motion various solutions for website owners to isolate and mitigate threats including the recently announced Global Edge Security, an enterprise-grade cyber defense solution built specifically by WP Engine and Cloudflare to secure WordPress sites from a laundry list of malicious attacks.

Global Edge Security integrates WP Engine’s platform, which powers the WordPress sites of more than 80,000 global customers, with Cloudflare’s managed web application firewall (WAF), advanced distributed denial of service (DDoS) mitigation, SSL/TLS encryption, and content delivery network (CDN) across a global edge network spanning more than 70 countries to deliver secure, scalable digital experiences.

The solution was created as a cloud-first, high performance, advanced security solution built on Cloudflare’s intelligent network, and it provides the best security protection against top Open Web Application Security Project (OWASP) security vulnerabilities, nefarious acts and DDoS attacks that threaten digital businesses with catastrophic damage.

By packaging these components together into a single solution, WordPress users now have a simplified approach to securing their websites. This also makes it easier for you to protect your most valuable digital assets—the customer experience, their trust in your brand and your revenue—with enterprise-level security intelligence built on the combined experience and expertise of WP Engine and Cloudflare.

Businesses that neglect or fail to secure their digital experiences leave themselves vulnerable to attack and will inevitably experience a negative impact on revenue, end-user engagement, brand reputation and customer churn. Taking the first step and prioritizing security is crucial, and while no security plan can prevent every single one of today’s cyber threats, securing your site against the most common types of attacks is a huge step in the right direction.