Essential Insights on Web Design: Key Information Your Designer Failed to Share

You’ve hired a web designer to create your website and it’s ready to go live.  That’s great!  This is an incredible moment for a new business.  But while you’re focused on bringing in that first sale and collecting leads, malicious actors are behind the scenes looking for security breaches in your shiny new site.  

In our decades of working with exploited websites, by far the most common reason we’ve seen that a site has been breached is a simple lack of education.  When a web designer hands over a new site to a client, they often forget to mention the maintenance that it will require.  Very much like a home, a website needs to be maintained.  If a content management system such as WordPress is in use, it routinely needs updated to the latest release.  Were plugins, themes, addons, extensions added?  Those too need constant updates.  Did the designer use any paid functionality?  You’re going to need to keep that license up-to-date! 

Developers are so often excited to hand over the reigns that they often fail to provide a list of actions that will be necessary to keep a website secure.  That’s why we’re here to provide the most common failures in maintenance so that you won’t fall behind in maintaining your website!  

1. Create a list of all of your login credentials and keep them SECURE! 

Most business owners do not know how to login to their own websites administrative backend.  This is very important for keeping the site maintained.  Ensure you have these login credentials available.  It is also important have the login information for your domain registrar.  This is the company used to register the website address of your company.  These regularly need renewed yearly.

2. Set up notifications when a new update is available for your website.  

This should include any plugins, themes or extensions.  All modern content management systems have available email notifications so you can always keep up on the latest releases.  If you are running WordPress you may take it one step further by enabling automatic updates to ensure that your site is protected from the latest vulnerabilities.

3. Keep a copy of all licenses that your developer may have used.  

Many popular themes and plugins require a valid license to receive the latest updates.  It is important that you have these licenses stored in a secure location on your personal computer so you may easily update your software.

4. Maintain regular backups.  

In the event that something goes wrong, you want to have a recent backup available so that you may restore your website to its previous state.  This should include the physical site files as well as the SQL database.  Your web hosting provider will likely have a backup system in place so that you may schedule or create regular backups to store in a remote location.  Never store your backup on the web hosting server!  An exploited website can also infect your backup.  We recommend placing a copy of a USB drive for safe keeping.