See Our PortfolioPricing Guide

Don't lose your domain name to an AI-Generated Voice Scam

The New Era of Scammers

As technology advances, so does the sophistication of spam and scams. AI can now synthesize people's voices based on just a few sentences of audio. This has led to a significant rise in voice scams, making it increasingly difficult to differentiate between genuine and fraudulent calls.

It's getting crazy out there AI synthesizing was just used to create a deep fake song by Drake and The Weeknd.

In this blog post, we will discuss the implications of AI-generated voice scams and provide tips on how to protect your personal information and domain name from potential threats.

AI-Generated Voice Scams: A Growing Concern

These AI-generated voice scams have become a growing concern, with unsuspecting individuals being tricked into believing they are speaking with a friend, relative, or colleague. The Federal Trade Commission (FTC) suggests that if someone who sounds like a friend or relative asks for money—particularly if they want to be paid via a wire transfer, cryptocurrency, or a gift card—you should hang up and call the person directly to verify their story.

Protecting Your Domain Name

If you own a website there are certain precautions you should take to protect your domain name and personal information from potential scams:

1. Be Cautious with Phone Calls

Remember that legitimate businesses and professionals will never ask for sensitive information such as credit card details or domain name information over the phone. If you receive a suspicious call, hang up and contact the individual or company directly to confirm the legitimacy of the request.

2. Control Your Domain Name

Your domain name is a critical component of your online presence. Losing control of it can compromise your entire website. Ensure that you have full access to your domain information (at GoDaddy or your preferred domain registrar) and verify that it's costing you around $15 a year.

3. Beware of Domain Renewal Scams

Watch out for any mail you receive urging you to renew your domain name. In most cases, these are scams by companies looking to have you renew through them at exorbitant rates. Always confirm the legitimacy of any domain renewal requests with your domain registrar before taking any action.

Conclusion: Stay Vigilant and Informed

The rise of AI-generated voice scams is a reminder of the importance of staying vigilant and informed about potential threats to our personal information and online assets. By following the tips outlined in this blog post, you can protect yourself and your domain name from scams and maintain a secure online presence.

Remember, you can always call someone back if you think they are a scammer.

WordPress is perhaps one of the most popular and well-known content management systems (CMS), hosting thousands of sites for independent users looking to create their own custom websites. However, they are also easily the most hacked CMS on the market.

A 2019 study showed that WordPress accounted for 94.23% of reported security issues from website owners using hosting services [1]. To help you better understand the risks, we’ve outlined some of the top security vulnerabilities experienced by clients using WordPress.

This blog explains seven of the most common security threats posed to users who have built websites through WordPress. If you’re looking for secure and effective website design options, contact Thrive Design today.

Weak Passwords

Weak passwords make a hacker’s job extremely easy. As hackers use bots to try out thousands of password combinations to break into websites, websites created through programs such as WordPress can be left dangerously vulnerable. The security of your entire website will boil down to having as secure a password as possible, and hoping that hackers won’t be able to guess it. Routinely changing passwords and avoiding ‘easy to remember’ combinations (pet names, birthdays, etc) is the best way to combat this.

Malware

The term ‘malware’ refers to malicious software that can attack your site. Hackers will use malware to steal files and important data from websites and their visitors, and with the existence of unauthorized and outdated plugins used across WordPress there is a huge risk for malware to be introduced. Hackers use existing security problems on sites like WordPress to introduce their own files that may go unnoticed, putting your website in serious danger of hacking through malicious files and coding.

Outdated Software, Themes, and Plugins

One of the biggest reasons WordPress is so vulnerable to hackers is also one of its biggest draws for hopeful website creators – customization. WordPress site owners are offered hundreds of different premade themes and plugins, however expired software can expose your site to major risks. As soon as a theme, plugin, or extension becomes outdated, any site owner using it exposes themselves to extreme security risks.

Phishing

Phishing refers to when users are deceived into revealing their confidential data and information by hackers posing as other companies and brands. Through WordPress websites, phishing can happen in a couple of ways. First, site owners can often receive phishing emails supposedly from WordPress, claiming that the database needs to be updated with their information, and subsequently their login details are freely given to hackers. Secondly, hackers can use WordPress websites for fake online pages, posing under different logos and companies to trick online users.

Hotlinking

Hotlinking is where other people take your creative work and use it as their own, without providing any credit or seeking permission. Many WordPress site creators may find themselves at risk of having their content and images taken from your site and embedded into somebody else. Without protective measures in place to avoid hotlinking, it’s all too easy for users to take your content and profit off of it themselves.

Search Engine Optimization (SEO) Spam

SEO hacks take advantage of your pages that are ranking highly in the search engine results, working to fill them with spam and pop-up ads, even selling counterfeit items or merchandise through your pages. Due to the previously discussed security issues (outdated software, themes, extensions, and plugins), WordPress sites are left all the more vulnerable to harsh attacks that will leave your site full of spam. By targeting only your high-ranking pages, these attacks will be even harder for you to spot.

Cross-Site Scripting

When a hacker places malicious code into the backend code of a vulnerable website, that is referred to as cross-site scripting. These attacks target website functionality, gaining access to the display of your website and effectively targeting visitors through trickery such as fake links, contact forms, and redirects. Once again, it’s WordPress’s system of plugins and extensions that leave their sites so exposed to the risk of Cross-Site Scripting, as outdated software is the easiest way for hackers to break through existing security measures.

Contact Thrive Design for Secure Website Creation Services

If you’re looking to build a new website for your business, blog, or for any other purpose, then security ought to be a top priority. When comparing hosting services, it’s important to understand the risks involved, and that’s why some sites can be more dangerous to work with than others.

For anyone in the market for safe web design services, the Thrive Design team is ready to help. Reach out to us today to get started on your new website, ensuring that everything is kept safe and secure throughout every step on the process.

Your website is like a car. Both should be reliable tools that help you in meeting your needs and reaching your goals. And, just like your car, regular website maintenance can help keep your website running smoothly.

Think about it. You don't let your car regularly run out of gas or oil. You check fluid levels and take it for regular maintenance. Your website should be run with that same basic principle. Namely, a little regular maintenance prevents a massive headache if things go wrong.

5 Website Maintenance Tips to Keep Your Site Running Smoothly

Your website maintenance routine doesn't have to be complicated or take up a lot of time. There are just a few maintenance tasks that you need to perform on a regular basis in order to ensure your website is running at maximum efficiency. (Trust us, your Google Analytics results will also thank you.)

We recommend adding these five tasks to your website maintenance schedule if you haven't already.

1. Perform monthly security checks.

Every month, you need to carve out time to update and install any patches, bug fixes, or other regular updates that have been released for any and all software that your website uses. This includes your web server, database, operating system, content management system, and any other apps, plugins, or extensions you've installed.

While best practice is to install these updates when they are released, a scheduled monthly security check is a great way to make sure that no updates get overlooked.

2. Check your website's speed monthly.

You don't want your customers abandoning ship because of a slow loading speed, which makes Website Maintenance Tip #2 incredibly important. According to one report on website user experience, 52% of website users will abandon a website permanently if it loads too slowly.

A slow website leads to a higher bounce rate and lower conversion rate. Google has also added page speed as an element in their search engine ranking. There are many tools and plugins out there that will measure your website's speed for you. Our favorites are:


Related Reading: Top 10 Reasons Your WordPress Website is Running Slow


3. Review your site analytics monthly.

When you review your site analytics monthly, you will quickly get a good idea of what normal performance looks like so you can pinpoint when things are going wrong OR when something is going very right. Measuring key performance indicators (KPIs), looking at SEO rankings, and analyzing Google Analytics reports is the only way to stay on top of your site's performance. When done monthly, possible errors can more quickly be confirmed and resolved along with better benchmarks for future changes.

4. Check your website backups quarterly.

While some might recommend checking backups on an annual basis, most sites can change quite a bit in a short time which is why quarterly backups are a much better idea. This will minimize potential data loss in the case of a catastrophic event.

If you work with a hosting company that promises to back up your site for you, double-check that they are doing this at least quarterly. Otherwise, you can easily find a plugin that will help keep your site backed up and ready to go.


Related Reading: How to Back Up Your Website & Why It's Important


5. Update copyright notices and review legal disclaimers annually.

Typically sites post one copyright date across an entire site. This is done to clarify that content on that page and site are protected by copyright laws (at least in the United States). Generally, the copyright symbol is added along with the date of creation, but as websites are updated regularly it makes sense to also update the copyright date as well.

Another reason to keep your copyright and legal disclaimers updated annually is that the information you are required to disclose is constantly changing as new privacy laws are enacted at the state, federal, and international level. It's important to make sure that you are in compliance with all the laws your website is subject to and an annual audit is the best way to do that.

Bonus tip: Check for broken links on a regular basis.

Broken links are a red flag for browsers visiting your website. They show that you're not actively involved in your website and make your site look neglected. A broken link on your site is like a run-down shed behind a lovingly cared for house. The shed might not be in use anymore but it creates an eyesore that people use to judge the house as a whole.

Checking for broken links, both internal and external, is a fairly straightforward task, since there are a number of web-based and stand-alone tools that perform this task. These tools can also check for images and external files that are no longer hosted on your site so don't load.

Final Word

Your website is not a "set it and forget it" part of your business. While it doesn't have to be actively monitored 24/7, it also should not be left on its own. Google and other search engines are looking to promote sites that are secure, updated, and relevant. You can go a long way to nailing those first two with a regular maintenance schedule.

If you're interested in updating your site and getting help with maintenance services, Thrive Design would be glad to talk about how we can help revamp your website.

The safety and efficiency of your website are paramount to how well online traffic can find you, and what you have to offer. But how do you know if you are doing enough to keep your internet presence running smoothly?

The quick and dirty answer is, you don’t. But don’t despair. With everything moving so fast these days, it is close to impossible to stay ahead, many businesses struggling just to keep up. And that isn’t going to change any time soon.

How to keep your WordPress website safe.

Security - Solid security saves websites

1. Website safety starts with a daily backup.

Have you ever been working on a big project, taken hours of time, only to have your computer die, losing everything? It happens to everyone, at least once. Some more than others, usually out of laziness or not learning from the mistake of not backing everything up.

These days, computers can be set to auto-backup files in the event of a catastrophic system crash, but websites don’t have that luxury. For websites, understanding is based on a false assumption that if it is on the internet, it is forever, and that is simply not true. Your website can be deleted as easily as burning a photograph.


See Related: Why Privacy Policies Are No Longer Optional


This is why doing physical backups are crucial to keeping your infrastructure intact. Just like many of us send copies of pictures and documents to various cloud storage systems, backing up your website and all pertinent information to an external storage medium will ensure you have it if the worst should happen.

Encryption programs can also deter hacking. For your needs, there is a cadre of encryption software options that can allow someone with very little tech experience to place new, hardened barriers between you and the evil that might want to take your site down.

Most of what you do in the office is routine, and for good reason. Continuity in business provides the comfort of predictability. Unless you are Richard Branson, no one wants to be surprised by what your business does. So why not also set a very specific time each week, month, or whenever it works for you, to schedule a backup.

2. Solid security saves websites.

Everyone knows that for business, security is important. If it wasn’t, when you leave the office for the night, you wouldn’t lock the doors.

WordPress is one of the most popular website building platforms available, and its power is only matched by its versatility. The only drawback, it can be a victim of its own success, making it a target for breaches for hackers who have also used the software.

Fortunately, the brilliant minds that created this wonderful website builder thought of that in advance, and have preinstalled quite a few plug-ins into WordPress that are automatic once installed. Many of these features pertain to the security of the program, as well as the websites built within and WordPress requests updates regularly.


Bonus: More Security Tips


Hosting sites that can be used in conjunction with WordPress will also have their own safety measures, but they still can’t quite catch all the online dangers that might afflict your site. It is your responsibility, as a business owner, to seek alternative security options, if you want to keep your site safe. Wordfence is a wonderful option for this very purpose.

There is another option, but it is a little tricky and must be approached with caution. This pertains to hiring outside security companies to maintain your website’s security interest. You are relinquishing control to an outside party, however, if they fail, it is still your business that will be damaged, not theirs.

3. Give your website needs some TLC.

website maintenance

Everything breaks down eventually, and your website is no exception. Scheduled and thorough upkeep is the only way to keep your website, and by extension, your business, humming.

Updates will only attach to the appropriate software, and if you have let your website maintenance slip through the cracks of your busy schedule, the software might not have been installed, meaning updates will not attract to the existing code. Keeping up with constant new products and services available to your website is the only way to stay ahead of any updates that might show up.

On the plus side, you already have a schedule for backups, and should have added one for maintenance, so throwing your updates into the mix will only add to the overall efficiency. And there are three main updates to look for, and those are WordPress updates, Plug-in updates, and theme updates.

Always make sure you have backed up everything before you do any scheduled maintenance and the installation of updates. And check periodically that your website is still functioning properly after the updates are installed if you do a bundle of them.

4. Avoid using a bargain-basement host.

are you using a bargain-basement host?

Web hosting has become an invaluable resource when trying to get maximum visibility on the internet. Without it, it is very likely no one will be able to easily find your site. And while it does seem like a ploy to get another internet business more money, the benefits of pairing your website with a quality web hosting service definitely outweigh the cost overall.

For instance, top-quality web hosting services have equally high-quality security programs built into their service. And in the spirit of “you get what you pay for,” if you are paying for low-cost service, you are going to get low-cost results. Springing for a better quality hosting program, like Blue Host, will ensure you get the best bang for your buck.

One big upside to cracking open your piggy bank for a better hosting service is that cheaper-minded business won’t use up the resources, because the quality host won’t have as many websites to keep an eye on. In the more economical option category, sure you get hosting, but sharing with thousands of other websites spreads everything out a little thin.

Less competition for hosting resources means less time for the customer to wait for your site to load. With the increased speed of the internet, patience is no longer a virtue, but a liability and the average web surfer will wait about 5 seconds for a page to load before they move on. This can cost you tons of traffic.

Bottom line, and we mean that literally and in reference to your company finances, web hosting is one of those things you don’t scrimp on. Pay for the best hosting service you can fit in your budget. It's a business expense, so it is tax-deductible, so you’re going to get it on the back end anyway.


BonusHow Javascript Is Used In Web Design?


5. Be proactive, not reactive - DON’T wait until disaster strikes.

website security pro active

The boy scout motto is “Be prepared.”

In business, you can plan ahead, look to the future of any and all scenarios and devise contingencies in the event something discussed actually comes to pass, or you can wait, and hope, and then freak out when the unexpected does happen, reacting with fear, doubt, and other useless emotions that have no place in business.

A proactive approach is an efficient approach. A logical, rational, forward-thinking plan, mapping out exactly what to do if the worst should happen, keeps your head in the game when the whole thing seems to be crumbling around you. After all, that’s why fire drills and lifeboat drills were created.

Final word.

Do you have the know-how to keep your business afloat if your website crashes? Do you have someone who can restore everything in the event of a catastrophic failure? Have you made a plan, double-checked the plan, then made a plan B and C, just in case?

If you answered NO to any of these, you are not alone, and now you definitely have some things to think about. New insight inspires change. And for a lifeline, there are services like the WordPress Care Plan, a monthly service that keeps an eye on your site, does off-site backups, keeps up with any and all updates, and many, many more features.

Your business is important to you, and your website is an extension of it. For much of your incoming traffic, it is the first impression that can make or break their idea of you in an instant. For a savvy business owner, taking your web security seriously is of the utmost importance, and must never be left to chance.


Keep Reading: WordPress represents 90% of hacked websites, here's what you can do about it


Thrive Design is a customer-centric web design and development agency from SeattleContact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedInFacebook, and Twitter.

Once you’ve built the website of your dreams, it’s important to ensure it’s taken care of properly. You wouldn’t buy a car without auto insurance and take it in for maintenance and oil changes. And that’s what one of Thrive’s care plans is: insurance and care for your investment.

So let’s talk about what a website care plan is, why it is essential to your business, and what we include in our care plans here at Thrive.

All about care plans.

What is a "website care plan"?

website maintenance plans

A website care plan is a set of bundled services that we use to keep your website operating in tip-top shape. These services include security, performance, backups, monitoring, malware protection, and more. Depending on the package you choose, we even will fix broken links and update your content. All of this is essential to make sure that your customers can find you, hire you for your services, buy your products, and generally keep you in business.

You could take care of all of these little bits and pieces yourself. You could find different contractors to take care of it all. OR you could trust us at Thrive knowing that we’ve spent countless hours researching these services and honing our skills at keeping websites up and running.

Why invest in a care plan?

You’ve spent a lot of time and money building the best website design possible. A website you’re proud of. A website that generates leads and brings in customers. A website that looks and performs great. A care plan ensures that your website continues performing the way you need to keep business flowing as usual. The cost of a monthly Thrive website care plan is a small investment to make to ensure smooth operations.


See Related: Web Design vs Web Development


What we include in our care plans.

There are a lot of things that go into keeping a website running behind the scenes. We’ve outlined each element that goes into the different levels of our care plans on our “Website Care Plans” page. Let’s take a more in-depth look at these elements and why we include them.

  1. Premium hosting service from Kinsta.
    We think the hosting service from Kinsta is one of the best in the business. Their plans start at $30 per month but, with the Thrive care plan, a premium plan is included in the cost you pay.
  2. 24/7 website monitoring.
    If your website ever goes down for any reason, Thrive is notified. We jump on it and fix it before anyone notices.
  3. Daily backups.

    We also backup your websites daily, both on the server and in a remote location, far far away. Because you never know what can happen with a particular host or data center. We just always want to make sure, no matter what, you have redundant backups.
  4. Weekly checks on security and performance.
    We perform a weekly performance test to ensure your site is performing at 100%. This check will see how fast your website is loading and if there are any anomalies we need to take care of. Security is critical to your website’s success. Unfortunately, WordPress represents 90% of all hacked websites in the world. But our weekly security checks make sure you are doing just fine. Let’s take a break from the list for a quick second and talk about WordPress and security. You may be wondering why WordPress represents 90% of all websites that are hacked even though they represent 35% of all websites worldwide. One word: plugins.
    WordPress has more than 56,000 distinct plugins in their repository. These are little pieces of software that enhance the WordPress experience, but it’s important to make sure that they are updated every week. Most of the time Thrive spends on care plan services are in updating these plugins and ensuring that everything works fine after those updates. And this takes us to the next item on our list.
  5. Weekly WordPress core and plugin updates.
  6. Customized and regularly updated Privacy Policy and Terms of Services pages. Another part of our care plan is to create your privacy policy & terms of service pages. There is a lot of misunderstanding about whether your website needs these pages if you are not collecting any information. This isn’t true. We work hard to protect you from any liability around privacy by partnering with a company called Termaggedon to create these pages and keep them updated as laws change so you never have to worry if your terms are service are up to date.
  7. Weekly database optimization to enhance performance.
  8. Quarterly theme and plugin license review.
    Every quarter, we make sure that your licenses are up to date and let you know if anything needs to be updated. Whether it is woocommerce, gravity forms, or a wordpress social media plugin, we have you covered.
  9. Zero-day vulnerability patching.
    A zero-day vulnerability is when WordPress has identified a vulnerability but there is no patch available. This means that the vulnerability has to be taken care of by the website owner. When we get a notification about a zero-day vulnerability, we go in and take care of it so you don’t have to worry.
  10. SSL included in hosting.
    SSL is a pretty standard feature in website care packages these days. SSL ensures that visitors have a secure connection to your website.
  11. Malware protection and removal.
  12. Premium email deliverability from your website.
  13. Monthly website health report.
    Every month, you will receive a care plan report that details all the activities we've done for your website in the previous month. This includes all the updates and backups, the uptime of your website, security performance, and any other metrics you need to know.
  14. Licensed use of our commonly used plugins.
    We have purchased $1,200 worth of licenses for our most commonly used plugins. These include gravity forms, advanced custom fields, Beaver builder, a lot more. The basic care plan includes access to all of these plugins.

See Related: Why Is Web Design Important?

For the majority of our clients, our website care basics plan covers what they need. However, there are some clients who have a lot of different changes they want to be done on their website. For them, we have an unlimited care package. This package includes everything listed above in addition to:

  1. Unlimited content updates
  2. Monthly fixes of broken links
  3. Monthly 301 redirect fixes
  4. Monthly strategy call
  5. Quarterly website review

Final word.

Your website is not something you can set and forget. Cybercrime is on the rise. Updates and vulnerabilities happen every day. Plugins fail. Hosting services crash. A thousand things can go wrong. A dedicated web team is one way to ensure your website performs safely, securely, and predictably. An easier way is to invest in one of Thrive’s website care plans. Contact us today to see how we can help keep you up and running, no matter what.

Thrive Design is a customer-centric web design and development agency from SeattleContact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedInFacebook, and Twitter.

Today there are about 60 million WordPress websites. WordPress commands a 60% market share of all content management systems crushing their 5 competitors who combined have a market share of16% (Joomla, Drupal, Shopify, Wix, and Squarespace).

As with Windows (with a 78% desktop OS market share), this popularity comes with a price. Those zombie computers across the interwebs are searching for vulnerabilities day and night. It isn’t even hackers anymore. Hacking these days is set on autopilot.

What you need to know about WordPress security.

WordPress's most popular feature is also a big liability.

Having such a big target on WordPress's back is exacerbated by one glaring issue in its platform: the use of 3rd party plugins.

Plugins, in my opinion, are both the best and worst part of the platform only because of stability and security issues.

However, the security threats can be mitigated by having a well thought out strategy to monitor and update your plugins weekly.

As of September 2019, there are 55,133 WordPress plugins available in the market. According to this report published by Imperva, only 3% of these plugins were added in the year 2018. This means the vast majority of plugins are old and most have not been updated in years (or ever).

The older your WordPress website the more likely you have a security vulnerability.

In fact, 70% of all WordPress websites are vulnerable right now. A plugin becomes insecure when a vulnerability is found within code it is written in (PHP). New versions of PHP are being released every year and the plugins fall behind in their security.

This isn’t just an issue with WordPress. All code must be monitored and updated in order for it to be secure. It just so happens that WordPress is the #1 target so we must take extra care.

Every week we receive notices of vulnerabilities found in new plugins. For example, Forbes released an article in August 2019 titled Critical 'Backdoor Attack' Warning Issued For 60 Million WordPress Users

Another one just today (9/19/2019) exposed a vulnerability in a piece of software installed on tens of millions of WordPress installations.

That’s all and good, but how can I protect myself?

When it comes to WordPress security, you have to be proactive. Such measures include:

Backup your site regularly.

The worst possible thing that could happen to your website is a deletion without a backup.

I receive a call about once a month from a potential client whose website has gone completely down. Sadly, about 25% of them do not have a backup.

The first thing we do as a company when taking on a new client is reviewing their backup system. We must have a daily backup in case we need to restore the website.

Don’t get yourself into the scramble of having a hacked website with no backup.

There are three crucial aspects of your backups.

  1. Off-site backup: You should have your site’s backup stored in an external service such as Google Drive or Dropbox. Just in case your service provider does not ensure the recovery of your site, this off-site backup will come to your rescue!
  2. Regular schedule: A regular schedule for updating your site should be followed depending on the scale of your business. A small business’s website needs to be updated less often as compared to a large corporation’s site.
  3. Encrypted: If you store customer information we recommend a solution that encrypts your site’s data

Keep your website’s security high.

As a business owner, it should be your utmost priority to keep your website safe and secure. No matter which hosting company you opt for and how much security it guarantees you, the ultimate burden of the security of your site rests on your shoulders.

First and foremost, you should install a security plugin such as WordFence. It will help you in making your site safe and secure.

Second, if you are outsourcing your website development, make sure that you keep control of password management in your hands. If anyone other than you want to access your site, make sure that they have different login credentials that can be deactivated by you anytime you want to.

Third, make sure the user “admin” does not exist on your website.

These are just the basics but they will get you started.

Make sure that your website is well-maintained

Your WordPress site like ar car. If you want it to function well, you have to take care of it. This requires time every week and it is worth it. Protecting yourself by routine maintenance is always many times less expensive than a cleanup job.

As part of your website’s regular maintenance, you should take care of the following items:

  1. WordPress updates: Every now and then, WordPress itself releases an update to its software. Be sure to check for and apply these changes once a week.
  2. Plugin updates: Whatever plugins you are using, do not forget to check their updates every week. Make sure you enable all the available updates to keep your website secure.
  3. Check backups: Double check whether your backups are being stored to an external location or not. If they are not getting stored, this is a serious security breach. You should fix it as soon as possible.
  4. Run a security scan on your plugins once a week using a program such as WordFence.

Choose a reliable web hosting service for your website

When it comes to web hosting, numerous options are available and they come down to 2 types: shared and managed.

Shared hosting is absolutely the cheaper option, but you end up paying for it in the end with the degradation of performance, security, uptime. This is because thousands of websites can be located on a single server. If anything goes wrong with any of the sites on the server, your site could suffer too. This causes the websites to load at a snails pace and it is common to have mail deliverability issues from the website as they share the same IP address.

We believe so strongly in the benefits of managed hosting that we do not work with clients that are on shared hosting.

We feel that shared hosting is expecting someone to be a stellar runner when all you feed them is junk food.

I know that businesses are always looking out for ways to save money, but trust me, this is the last thing you should be saving out money on.

Can’t I just take care of my WordPress security myself?

You can, but we don’t recommend it.

A plumber is skilled in changing faulty pipes. A chef is proficient in cooking. An architect is adept at sketching building structures. Likewise, you are good at managing your business. Instead of focusing on your core business, if you will start looking after your website, you will need to become an expert at this or items will slip through the cracks.

You have a business to run and outsourcing items like this allows you to focus on working on your business and not “in it”.

However, if you do go with the DIY approach be sure to have a schedule for your plugin updates, security scans, 24/7 monitoring, and daily backups and follow the above recommendations.

If you are looking for a rock-solid host, we highly recommend Kinsta.

If you get stuck and are looking for a company to take care of your security and hosting (we also use Kinsta), then check out our Care Plans.

Thrive Design is a customer-centric web design and development agency from Seattle. Contact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedInFacebook, and Twitter.

Just like your phone and your computer’s operating system, your website requires maintenance. Every month it seems my phone and computer require a major software update. Your WordPress website needs the same care and attention so it can be online all the time to showcase your products & services.

Top reasons to invest in a Care Plan.

To protect your customers' security.

Hackers target WordPress more than any other online platform. WordPress has a 60% website market share of content management systems and 52,000+ available plugins that can be hacked. It is just too big of a target for hackers to ignore.

When a WordPress website is hacked, it isn’t even humans behind a computer doing the work. Most of the time it is an autonomous computer script that finds the vulnerability in an outdated WordPress plugin, theme, or even WordPress itself.

The top 3 goals of hackers are to steal sensitive information, install software that infects visitors with a virus, or send spam through your website.

When a website is hacked, it must be cleaned or restored from a backup. Unfortunately, most cut-rate hosts limit backups to 30 days or put the responsibility of backups on you. This includes GoDaddy, Bluehost, and Hostgator.

Shockingly, 70% of all WordPress websites are vulnerable right now. Read this article for more stats about WordPress vulnerabilities. If you are a significant data nerd, check out Sucuri’s annual report with a complete breakdown of all hacked websites in 2017. (Not) fun fact: 83% of them were WordPress.

To protect your investment.

Many people don’t know what a care plan is, let alone what it contains. Here is what we at Thrive provide as part of our basic care plan.

Why we don’t recommend the DIY approach.

Maintaining a website is more complicated than one would think at a close glance. Updating a site directly from the WordPress admin doesn’t store a record of what was done. If an update to a plugin created an issue down the road, it would be difficult to know what changed and how to revert without restoring an ancient backup and losing content changes, sales orders, form submissions, etc.

Care Plans are one of our core services. There’s no panic when there’s a plugin conflict during an update or a tricky issue to debug. We’ve seen it all. Over the years, we’ve received calls from people with broken websites and incomplete backups. Often, the cost of a whole year of a Care Plan is needed to fix the issue when there is no complete backup. Just like a car, it costs more to fix it than it does to maintain it properly. Regular oil changes help keep your car running smoothly, and regular website care helps keep your website purring at optimum performance.

Call in a pro.

Why not focus on your business and let us help you with what we know best? Would you change the pipes in your bathroom or call a plumber? Then why try to maintain your website if that isn’t your trade? By securing an experienced WordPress company to care for and support your site properly you are saving potential lost revenue and customers.

Secure a Care Plan for your website! Contact us to learn how we can keep your site in proper working order.

We are certified as Care Plan experts through WP Elevation, the world's most accredited WordPress training company.

WordPress Care Plan

Thrive Design is a customer-centric web design and development agency from SeattleContact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedIn, and Facebook.

Few things make me feel worse than a hacked website without a backup. WordPress security is not something many website owners think of but with over 32% of the internet using the technology it is the biggest target out there.

Top 5 WordPress security mistakes

WordPress is great but it's not perfect. If you aren't diligent about your security protocols, it's like putting a target on your back. Here are some common mistakes we find among our new clients.

1. Not backing up your website daily and never testing restoring website process.

If the worst should happen, having a recent, clean version of your website is the easiest first step in getting back to normal.

2. Neglecting to update plugins, themes, and WordPress software.

Did you know that over 70% of hacked WordPress websites are due to outdated/vulnerable software?

3. Using "admin" as a username.

This is the default username for all WordPress websites, meaning it's the first thing that bad actors will guess when trying to hack your website.

4 Going cheap on hosting (Godaddy, Hostgator, Bluehost).

Cheap hosting sites aren't performing the necessary checks frequently enough to keep you as safe as possible.

5 Not having a security plugin or uptime monitoring.

These two items are crucial for knowing when your website is working...and when it isn't.

Are you looking for help with your website security?

We cover security, backups, hosting, and many other services as part of our website care plan.

Thrive Design is a customer-centric web design and development agency from SeattleContact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedInFacebook, and Twitter.

Websites are hacked by autonomous machines these days... not by humans hacking individual sites. These machines (aka bots) search the internet for vulnerable websites day and night.

We get calls every month from people whose websites got hacked. If you own a WordPress website, I have some very specific things you can do to protect yourself.

Protect yourself and your visitors with these 7 tips.

1. Backup your website daily.

Don’t assume your web hosting does this for you. Many hosting companies do not and, if they do, they charge you to access it and it typically only goes back 30 days.

2. Update your WordPress themes, plugins, and core software once a week.

This is the #1 reason for hacked WordPress websites and it’s simple to do. You just need to have diligence when doing it. Check out our Care Plans, as we do not recommend a DIY approach.

Never use admin as a username

3. Never use "admin" as a username.

That is what WordPress comes with out of the box and it should be changed immediately. Create a new administrative level user and delete "admin."

Use a super secure password

4. Use a super-secure password and store it in a program like Lastpass.com so that you don’t have to remember it.

A password should be so secure that it’s impossible to memorize. Think lots of special characters and uppercase/lowercase combos.

Don't use the default wp-admin URL for your dashboard

5. Don't use the default wp-admin URL for your dashboard.

Use WPS-Hide Login plugin to do just that!

wordfence

6. Install Wordfence.

There are way too many options to talk about here. Wordfence audits your website security, lets you do virus checks, and even lets you block whole countries from viewing your website.

protect wordpress website hacking

7. Don’t give out your login info.

Instead, create a separate administrative login for trusted developers to use. That way you can turn it off.

Thrive Design is a customer-centric web design and development agency from Seattle. Contact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedInFacebook, and Twitter.

People often ask me why anyone would want to hack their website. There are three main reasons why they want to breach your security.

  1. They want your website to send out spam.
  2. They want data your website may contain such as mailing list details, credit card information, or user passwords
  3. They want to install code that will download malicious software onto your website visitor's machines

You can avoid being one of the 33,000.

How do you avoid being hacked?

  1. First of all use a ridiculously secure password to your backend website. Store this password in a program such as LastPass so you never need to remember it.
  2. Rotate your passwords every quarter.
  3. Don't use the same password on other accounts. Remember if you use a program like LastPass you'll never need to remember it, even while using your phone.
  4. Never use "admin" as a username.
  5. If you use WordPress, make sure your themes, plugins, and the core software are updated weekly.
  6. If you use WordPress, install and configure security plugins like WordFence and BruteProtect.
  7. Finally, choose a hosting company that has ridged security protocols. That $3-a-month hosting company might not be your best option.

How do you know when your website is down?

Let Pingdom do that for you. It's easy to sign up for a free account that will monitor your website.

What do you do if your website goes down?

First, contact your web host or the web developer in charge of your website. You'll need your host login to do this. From there, open up a ticket saying your website is not loading and include a screenshot. For faster action, give your host a call. Just be prepared to wait in line unless it is a managed hosting company such as Kinsta.

Are you looking for help with your website security?

We cover security, backups, hosting, and many other services as part of our website care plan.

Thrive Design is a customer-centric web design and development agency from Seattle. Contact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedInFacebook, and Twitter.

Thrive is a Seattle web design company focused on helping you grow. If you believe in what you do, have a proven offer, and would like to increase your online presence and authority, let’s chat.
General Inquiry
Start A Project
©
2002 - 2024
Thrive | All Rights Reserved
PrivacyTerms of ServiceAccessibility
Made with ❤ by Thrive