A longtime client emailed to me this morning with a security question. I welcome these type questions because it 
gives me a chance to share our hard to see services. Unless you are sitting in the Orlando Web Wizard office watching us every day you cannot see what we are doing daily, to keep your website safe. A behind the scene look. I understand after a few years go by, a client may wonder. “Is my website safe?”

Here is what they said in the email and the answer I gave in red.

Hi Carol,
  I’m forwarding a blog from Seth Godin that I think asks some very good questions.  I’m wondering if these things are built into our websites or your services.

And when it breaks?

Every website your organization puts up is going to reach a moment when it is obsolete, out of date or buggy.

How will you know?
You have our Web Power Intermediate managed package. This means we have our eyeballs on every month and we fix any issue we find, SEE: https://webpowerwp.com/intermediate-managed-wordpress-services/

And what will you do about it?
We will fix it and contact you.
If you find an issue before our monthly check, notify us we fix it ASAP.

Big organizations have this problem every day. When building a website, the hierarchy pays attention. There are meetings and approvals, and it all fits together in the current strategy.

We limit clientele to give the very best quality service. Orlando Web Wizard is not about numbers, we are about quality service.

But a year or a decade later, those folks have moved on, but the website remains. And it’s unlikely that there’s someone checking it for bad behavior. 

Security is important to us:

We use the recommended WordPress.org best practices hardening with every WordPress install. On the server we are using is cPHulk Brute Force Protection that prevents malicious forces from trying to access your server’s services by guessing the login password for that service. We also use server level ClamAV Linux Antivirus, ConfigServer Mailscanner and ConfigServer Security & Firewall. For better security and as recommended by WordPress we use suPHP on the server.

 Most bad behavior is thwarted server level. We also pay for server managed care and quick reaction time. Both myself and server techs check daily logs for trouble. We backup your website monthly into the Amazon S3 in Washington DC. Your website resides on the Equinix datacenter in Chicago. Two places for disaster recovery.

So there’s the Fedex database that sends customers to a drop box that doesn’t accept packages any longer. Or the part of the Brother website that requires users to change their password every single time they visit. I’m sure I have pages out there on the web that are out of date or buggy as well. It’s inevitable.

The above stuff is something you will need to manage. We only manage the website and hosting. If you have trouble recovering a password for our services please contact us and we can help you reset it.

Here are two simple questions that ought to be part of any online launch:

Where can our users report defects on this page? 

  1. If you include a link to a human or perhaps a monitored feedback form, it’s a lot more likely you’ll hear about the things that aren’t working in time to actually fix them before you take a loss.  Call, Email or Text Me
    Monthly 3 hr Telephone Support
    Phone Text Support Unlimited
    Unlimited Email Support
  2. What’s our plan for sunsetting this site? 
    If they close down Vine or our strategy changes or we need to take action, who is responsible?
    Orlando Web Wizard has no plan to close down. However, we will give to you or place your website files on a server of your choice should you decide to leave us. You may always ask us your most recent backup.

Stick around long enough and it’s going to break. We come out ahead when we treat that event like part of our job, not a random emergency.

We’ve been in business long enough to understand the problems websites and their owners face. We are always researching and forward thinking to keep everyone successful. We use the very best US datacenter and do yearly security audits with the very best server security company. We offer emergency help for a fee to those who are not on our managed care plan. Those on our managed care plan get immediate help.

Please see that our server IP address has not been blacklisted in 6-years when we started the MX ToolBox monitor.
 
Please also see our recommendation and recent security report.