Costs associated with websites are generally the initial design and development, hosting, updating, and redesign. I want to talk a bit about hosting your website and the importance of choosing the best hosting solution for a business website, especially a Content Management System platform like WordPress.
WebWize is the oldest web design and development company in Houston, Texas. We have been running our own web servers since our inception back in 1994. Our first webserver was a Macintosh Quadra 700, running WebStar webserver software.
Today, we still own and operate 5 web servers, housing both websites and providing email solutions for our clients. The technology of today’s servers are more advanced than was necessary back in the early 90s. Today’s websites require more features, databases and more importantly, security.
A webserver is a computer/server connected to the internet that stores and delivers web sites to requesting internet browsers.
The digital internet age has brought a new a new evil into our internet lives, THE HACKER! Hackers, spammers and digital criminals on the internet require hosting companies to continually monitor, update and maintain servers 24 hours a day at an incredible cost to those providers. I will not disclose the number of hack attempts on our servers each day. Although, if I had a dollar for each hack attempt or Chinese port scan on our servers, I would be able to afford a Bentley Continental in less than a year.
As a business owner that relies on your website for day-to-day business activity and new business, one of your top priorities should be a SECURE, fast, reliable hosting provider. Many times your web site is your businesses’ first impression to new clients and provides critical contact information for existing clients. Subsequently, web site availability is critical.
It boggles the mind why a business owner would complain about $50/month business-level hosting cost. Those same people that bitch about business-level hosting costs will sign up for $100+ per month cable TV in their home without blinking an eye. This type of business decision simply defies logic.
So, why do so many business people believe all hosting is equal?
Basically it comes from being uninformed or told by a person uneducated on the subject of website hosting. Also, all those misleading commercials on TV, you’ve seen them – “Get your domain and website for $1 a day!” We refer to these companies as “Server-farms”. A “Server-farm” is a company that has has many low-cost, low-end servers. Their business model is very simple, land as many websites as you can and put as many of those sites on a server as possible.
So, what is wrong with “Server-farms” for business hosting?
The issues with server-farms are two fold. One, the servers can not stand-up to high demand especially when hosting database driven website frameworks like WordPress. High demand on low end servers result in slow page load times (which hurt your Google SERP [search engine ranking position], which is another topic for another time) and Two, SECURITY.
Normally a server is secured first at the firewall then through the programming environments supported by the server. But hackers generally find ways into websites through poorly administered logins, and/or compromise servers through vulnerabilities within the server’s programming environment. This is where Content Management Systems like WordPress can have an issue. It is not necessarily WordPress itself, but poorly written plugins, weak password security rules and a hosting company’s security practices and policies.
Let’s talk a little about WordPress.
WordPress started out as a blogging platform and due to the large development community, has matured into a corporate level website platform. WordPress plugins provide the ability to add features and functions to a website at an extremely low cost compared to coding those features by hand.
Let me give you an example of what plugins can do and the money they can save you.
Lets say you are in the seminar business and own a WordPress website. Ideally you should provide your seminar classes online with a registration function along with accepting credit card payments. Before website frameworks such as WordPress, writing a web feature that would include user control panels, admin control panels, credit card API ties, payment reporting, etc., would easily cost $15,000-$30,000. With WordPress, you can purchase a plugin called Event Espresso for a few hundred dollars. Install it, spend a day or two learning the program and you are up and running. THAT IS THE POWER OF WORDPRESS AND WHY IT HAS BECOME A LEADER IN TODAY’S WEBSITE MARKET.
So where is the issue you ask?
The power of WordPress is in the development community that builds these feature-rich plugins. This development community is also where the downside of the WordPress can be found. There is not any accreditation or testing a developer must complete before allowed to distribute or sell a plugin. Although most of the WordPress development community are great programmers, there are plugins that can and do have security holes. HACKERS ARE PROGRAMMERS — HACKERS KNOW THE HOLES AND HOW TO EXPLOIT THE VULNERABILITIES.
Now let’s talk about server farms and how they fit into this explosive cocktail.
A server farm is going to have many websites on a server. This is called a shared hosting environment. Shared hosting reduces the cost of doing business for a hosting provider. The issue is not how many sites are on a single server but that if a single site is compromised (hacked), that website can and most likely will affect or even bring down every other website on the server.
A single server-farm type web server will house anywhere from 75-200 websites. If your website resides on a server along with another site that fails to change or use secure passwords, that site can and most likely will get hacked. The result will be your site “going dark”. Welcome to the world of “server-farms” – non-business-level hosting solution! Remember, the server’s security is only as strong as it’s weakest login or plugin.
But wait, it gets better. And this next information comes from personal experience. When a server is hacked, a hacker will normally attack portions of the server system outside of the websites. Places such as databases, server registries, etc. When and if this level of hack happens, you will need to get a specialist to clean your site of any hacker’s tracks and coding, but in about 2 weeks, the server can and probably will become reinfected. About 12 years ago, one of our servers was taken down by hackers out of China. We cleaned many sites of infected code. 14 days later, all of those websites were reinfected. The hackers had installed a timed re-installation of the infected code! Subsequently, that server had to be taken completely off-line, removed from the co-location facility, replaced with a new $6K server, 50+ sites cleaned and relocated. This took about 200 man hours, and we lost about half the clients in the long run. We estimate the cost with lost business at over $100K. This article is based on experience, not BS.
Now lets talk about why we require WordPress sites to be on WPEngine.
The website market has changed considerably over the last 5 years, especially with the development of WordPress. We could clearly see we needed to adjust our website business model to include WordPress development or lose approximately 50% of any new clients. When we began investigating WordPress, we immediately found there were issues with security, as there are with any open-source content management platform (these security issues are not unique to WordPress). Since I did not want WebWize staff to have to learn a new web server platform for hosting, we began researching WordPress hosting options. We spent several weeks in our search for the best WordPress hosting solution for us and our clients (yes our site is a WordPress site). We kept coming back to a company out of Austin, Texas – WPEngine. They had the best overall reviews, fastest server time tests, clearly the best customer support, BUT MAINLY THEY HAD BUILD IN SECURITY AND ADDITIONAL FEATURES no other WordPress hosting solution offers.
What WPEngine offers that convinced us to partner with them.
- WPEngine runs nightly scans of each and every site they host. Scanning for any vulnerabilities within all WordPress installations. If any site has a plugin that would comprise any site (meaning it could compromise all sites on a server), the owner of the site is notified of the issue and they are given 72 hours to fix, update, replace or remove the plugin. If they do not, WPEngine will remove the plugin. To me, this is the single most important feature of WPEngine!
- WPEngine provides nightly backups of all sites and databases of your website. AT NO CHARGE! You do not have to purchase a backup plugin and maintain it. With WPEngine hosting, it is all handled by WPEgnine.
- WPEngine provides a free staging area for your website. When you want to work on a new design, test a plugin, have updates to your site completed and reviewed before going live, you do not have to pay someone to create a second WordPress install. You simply push a button, in about 10 minutes you have a complete duplicate of your website and database. Subsequently, when you are finished with your changes or new design, simply push another button and the new site is moved to the production server. Amazing!
- Content Delivery Network. Free!
- Automatic updates to the latest WordPress version. You do not have to worry about it. They do it all. This is where many server-farm WordPress sites get hacked. They do not keep up with WordPress versions. This leads to versions of WordPress that have vulnerabilities.
- WPEngine updates PHP. PHP is the language that runs WordPress. It needs to be updated also.
- WPEngine has developed it own caching system. No need to buy a caching plugin. Another savings!
- WPEngine has minimum password requirements – reducing the possibility of other uninformed or lazy website owners using weak passwords that could lead to a compromised website and an entire server.
- If any site does get hacked – WPEngine will fix it for FREE!
- Site Speed. WPEngine continually ranks as the fastest WordPress hosting services on the internet. Google’s algorithm uses page load times as part of their ranking algorithm. WPEngine removes this concern. You have to do your part in the way your graphics are sized and formatted, WPEngine does their part.
- WPEngine has an SSL Cerificate services. All you do is push a button to order it and they handle the rest and bill you for the SSL Cert. They also automatically renew the certificates for you each year. We have been providing our customers SSL Certificates for years and not having to keep track and reinstall SSL Certs at the server level is simply wonderful.
- Simply the best customer support on the planet. This is not even debatable.
You may feel the server farm hosting solution is all you need and it very well may be. But why would you risk your business website for $20 dollars a month when you can have WebWize and WPEngine working for you? Just look at the 12 Reasons I list for using WPEngine. A single hack would cost you what you thought you would save in hosting, ten times over. And if your website gets hacked once, it will happen again if you are at a server-farm.
I remember back when I had horses. A Ferrier told me when I first joined the horse world, “It is not a matter of if you get hurt around horses, but when.” Same holds true with server farms…its not a matter of if your site or another site on your server get hit by hackers, but when…take it from us, we know.
Make the WIZE decision if you have a WordPress site. Use WebWize and WPEngine together. You and your website will be glad you did.