Costs associated with websites are the initial design and development, hosting, updating, and redesign. I want to talk a bit about hosting your website and the importance of choosing the best hosting solution for a business website, especially a Content Management System platform like WordPress.
WebWize is the oldest web design and development company in Houston, Texas. We had been running our web servers since our inception back in 1994. Our first web server was a Macintosh Quadra 700, running WebStar web server software.
Today, we still own and operate five web servers, housing both websites and providing email solutions for our clients. The technology of today’s servers is more advanced than was necessary back in the early 90s. Today’s websites require more features, databases and more importantly, security.
A web server is a computer/server connected to the internet that stores and delivers websites to requesting internet browsers.
The digital internet age has brought a new a new evil into our internet lives, THE HACKER! Hackers, spammers and digital criminals on the web require hosting companies to continually monitor, update and maintain servers 24 hours a day at an incredible cost to those providers. I will not disclose the number of hack attempts on our servers each day. Although, if I had a dollar for each hacking attempt or Chinese port scan on our servers, I would be able to afford a Bentley in less than a year.
As a business owner that relies on your website for day-to-day business activity and new business, one of your top priorities should be a SECURE, fast, reliable hosting provider. Many times your website is your businesses’ first impression to new clients and provides critical contact information for existing customers. Subsequently, website availability is essential.
It boggles the mind why a business owner would complain about $50/month business-level hosting cost. Those same people that bitch about business-level hosting costs will sign up for $150+ per month cable TV in their home without blinking an eye. This type of business decision just defies logic.
So, why do so many business people believe all hosting is equal?
It comes from being uninformed or told by people uneducated on the subject of website hosting. Also, all those misleading commercials on TV, you’ve seen them – “Get your domain and website for $1 a day!” We refer to these companies as “Server-farms.” A “Server-farm” is a corporation that has many low-cost, low-end servers. Their business model is basic, land as many websites as you can and put as many of those sites on a server as possible.
So, what is wrong with “Server-farms” for business hosting?
The issues with server farms are two-fold. One, the lower-end servers struggle to high demand, especially when hosting the database driven website frameworks like WordPress. The high demand on low-end servers result in slow page load times (which hurt your Google SERP [search engine ranking position], which is another topic for another occasion) and Two, SECURITY.
Typically a server is secured first at the firewall then through the programming environments supported by the server. But hackers find ways into websites through poorly administered logins and compromise servers through vulnerabilities within the server’s programming environment. This is where Content Management Systems like WordPress can have an issue. It is not necessarily WordPress itself, but poorly written plugins, weak password security rules and a hosting company’s security practices and policies.
Let’s talk a little about WordPress.
WordPress started out as a blogging platform and due to the large development community, has matured into a corporate level website platform. WordPress plugins provide the ability to add features and functions to a site at little cost compared to coding those features by hand; many plugins are free — which really excites website owners.
Let me give you an example of what plugins can do and the money they can save you.
Let’s say you are in the seminar business and own a WordPress website. Ideally, you should provide your seminar classes online with a registration function along with accepting credit card payments. Before web site frameworks such as WordPress, writing this function for a site would include control panels, admin reports, credit card API ties, payment reporting, etc., and would easily cost $15,000-$30,000. With WordPress, you can purchase a plugin called Event Espresso for a few hundred dollars. Install it, spend a day or two learning the program and you are up and running. THAT IS THE POWER OF WORDPRESS AND WHY IT HAS BECOME A LEADER IN TODAY’S WEBSITE MARKET.
So where is the issue you ask?
The power of WordPress is in the development community that builds these feature-rich plugins. According, the development community is where you find the downside of the WordPress also. WordPress developers have not been required to complete accreditation or testing before allowed to distribute or sell a plugin. Although most of the WordPress community are great programmers, some plugins can and do have security holes. HACKERS ARE PROGRAMMERS — HACKERS KNOW THE HOLES AND HOW TO EXPLOIT THE VULNERABILITIES.
Now let’s talk about server farms and how they fit into this explosive cocktail.
A server farm is going to have many websites on a server, called shared hosting environment. Shared hosting reduces the cost of doing business for a hosting provider. The issue is not necessarily how many sites are on a server rather, are any sites compromised or vulnerable. A compromised website can and most likely will affect or bring down every other site on the server.
A single server will house anywhere from 75-200 websites. If your site resides on a server along with another site that fails to change or use secure passwords, that site can and most likely will get hacked. The result will be your site “going dark.” Welcome to the world of “server farms” – a non-business-level hosting solution! Remember, the server’s security is only as strong as it’s weakest login or plugin.
When a hacker hits a server, they will attack portions of the server system outside of the websites in places such as databases, server registries, etc. When and if this level of hack happens, you will need to get a specialist to clean your site of any hacker’s tracks and coding, but in about two weeks, the server can and probably will become reinfected.
About 15 years ago, one of our servers was taken down by hackers out of China. We cleaned all sites of infected code. 14 days later the infection returned. The hackers had installed a timed release injection of the malware! Subsequently, that server had to be taken completely offline, removed from the co-location facility, replaced with a new $6K server, 50+ sites cleaned and relocated. This took about 200 working hours. We lost some eCommerce clients. We estimate the cost of lost business at over $100K.
Now let’s talk about why we require WordPress sites to be hosted at WPEngine.
The website market has changed considerably over the last five years, especially with the development of WordPress. We could see we needed to adjust our website business model to include WordPress development or lose approximately 50% of any new clients. When we began investigating WordPress, we immediately found there were issues with security, as there are with any open-source content management platform (these security problems are not unique to WordPress). Since we did not want WebWize staff to learn a new web server platform for hosting, we began researching WordPress hosting options. We spent several weeks in our search for the best WordPress hosting solution for us and our clients (yes our site is a WordPress site). We kept coming back to a company out of Austin, Texas – WPEngine. They had the best overall reviews, fastest server time tests, apparently the best customer support, BUT MAINLY THEY HAD BUILD IN SECURITY AND ADDITIONAL FEATURES no other WordPress hosting solution offers.
What WPEngine offers that convinced us to partner with them.
- WPEngine runs nightly scans of each site they host. If any site has a plugin that would comprise any site (meaning it could compromise all sites on a server). Owners of the website with vulnerable plugins are notified and given 72 hours to fix, update, replace or remove the plugin. If they do not, WPEngine will remove the plugin. To me, this is the single most important feature of WPEngine! Remember, it is not the security of your site, but all website on a server.
- WPEngine provides nightly backups of all websites and databases of your site. AT NO CHARGE! You do not have to purchase a backup plugin and maintain it. With WPEngine hosting, it is all handled by WPEgnine.
- WPEngine provides a free staging area for your website. When you want to work on a new design, test a plugin, have updates to your site completed and reviewed before going live, you do not have to pay someone to create a second WordPress install. You simply push a button, in about 10 minutes you have a complete duplicate of your website and database. Subsequently, when the redesign is complete, push another button, and the new site migrates to the production server. Amazing!
- Content Delivery Network. Free!
- WordPress updates are automatic. You do not have to worry about it. WPEngine does it all. Out of date versions of software is where many server-farm WordPress sites get hacked. They do not keep up with WordPress versions, which leads to vulnerabilities.
- WPEngine updates PHP. PHP is the language that runs WordPress. It needs to be also updated.
- WPEngine has developed a proprietary caching system. No need to buy a caching plugin. Another savings!
- WPEngine has minimum password requirements – reducing the possibility of other uninformed or lazy website owners using weak passwords that could lead to a compromised website and an entire server.
- If any site does get hacked – WPEngine will fix it for FREE!
- Site Speed. WPEngine continually ranks as the fastest WordPress hosting services on the internet. Google’s algorithm uses page load times as part of their ranking algorithm. WPEngine removes this concern. You have to do your part in the way your graphics are sized and formatted, WPEngine does their part.
- WPEngine has an SSL Certificate services. All you do is push a button to order it, and they handle the rest and bill you for the SSL Cert. They also automatically renew the certificates for you each year. We have been providing our customers SSL Certificates for years and not having to keep track and reinstall SSL Certs at the server level is simply incredible.
- Just the best customer support on the planet, not even debatable.
You may feel the server farm hosting solution is all you need and it very well may be. But why would you risk your business website for $20 a month when you can have WebWize and WPEngine working for you? Just look at the 12 Reasons I list for using WPEngine. A single hack would cost you what you thought you would save in hosting, ten times over. And if your website gets hacked once, it will happen again if you are hosted at a server-farm.
I remember back when I entered the equine world; a Ferrier told me, “It is not a matter of if you get hurt around horses, but when.” Same holds true with server farms; it’s not a matter of if your site or another site on your server gets hit by hackers, but when. Take it from us, we know.
Make the WIZE decision if you have a WordPress site. Use WebWize and WPEngine together. You and your website will be glad you did.
Or Contact WebWize At 713-416-7111
Before making a final decision on a Web Design Company, spend a few minutes on the phone with us.
About Glenn Brooks
Glenn Brooks is the founder of WebWize, Inc. WebWize has provided web design, development, hosting, SEO and email services since 1994. Glenn graduated from SWTSU with a degree in Commercial Art and worked in the advertising, marketing, and printing industries for 18 years before starting WebWize.