Focus on your business – Take care of your business without worrying about your website.
Protect your brand – Your target audience will see your site looking great. Protect yourself from the bad branding of a broken or hacked site.
Have your time back – We implement processes to manage website users and essential technology connected to the site.
TLC for your technology.
Update Wordpress core, plugins and themes
Domain name renewals
Software license renewals
Wordpress + Woocommerce
Backups on the webserver
Backups on Google Drive (cloud)
Git Revision History
Backup WooCommerce customers, coupons and orders
Webhosting | Server Stack
Apache / Nginx / Litespeed
MySQL / MariaDB
Client portal - reporting
EIG (Environment Information Gauging)
CDN (Content Distribution Network)
Standing up backups
Who it's for
- It depends on your site.
- We update monthly for smaller, lower priority sites while we update bi-weekly or weekly for higher priority sites.
- Wordpress Core has a new version released once every 43 days on average, while plugins and themes are updated independently of Wordpress and each other.
- A website is a piece of software, and there is no perfect, completely impenetrable and secure piece of software. The code behind websites like Wordpress is constantly being improved--security threats are being identified and patches are released. If these patches aren't applied then the website is vulnerable to attackers.
- Only about 30% of all Wordpress sites are running the current, up to date version of Wordpress as of January 26th, 2021.
- That's a question each small business will have to answer. What is the value of your website to your organization? Do you have data to prove the value? If you would like help with that you can reach out to us for a value assessment.
- Small business sites are actually more likely to be hacked because of poor security measures in place. They're easier targets.
- We manage renewing all of your other related technology that connects with your website. This includes domain name renewals, third party software renewals, SSL renewals.
- This is a concierge-style service. You can hand over the keys to us and we’ll make sure to get the oil changed, tires rotated, and even get the tag updated every year for you. Don’t worry about if you paid the renewal for your domain name. See this blog post about what happens when a domain name isn’t renewed.
- We take care of legacy code and custom scripts as well. Updating and managing custom code can be very time consuming, but our hack-team will put your code to the test and we will patch it accordingly. If there’s code we’re not comfortable maintaining for you we will let you know.
- We don’t do automatic updates, that’s because automatic updates can mean that your site is partially or totally broken after an automatic update while you have no idea. Instead of automatic updates, we make them manually by hand with extensive testing involved.
- We believe touching your site is important, which is part of our TLC model. Touching aka manual testing of your website by a trained specialist is part of the reason we are more expensive than some others. We have found that quality increases with manual testing.
- Currently we offer support for Wordpress and Wordpress + Woocommerce, which makes up about 40% of the websites in the world. We are looking to add support for more platforms over time.
- These two platforms are what a vast amount of websites are built upon, and so they also have a great need for security and maintenance.
- We are comfortable with these two platforms, and don’t want to extend beyond our focus and expertise.
- We also develop and design websites and most all the time we use Wordpress or Wordpress + Woocommerce. We found that these are great platforms for storytelling because of their incredible flexibility and customizability.
- No problem, just reach out to us and we’ll take a look for you!
- You can always reach out to us if you would like to have a conversation about your website and it’s maintenance needs. Don’t hesitate to talk to us about your business! There’s plenty of people that we don’t recommend a maintenance plan for!
- Depending on your plan, we keep backups in multiple locations. We believe in the principle of data not existing unless copies of it reside in 3 places. We include the live production site as one of those places, a testing/staging site as a second place, and a storage location as a third place. Some plans also include remote storage and a Git repository for version control.
- This gives us redundancy and flexibility. In case of file upload failure, malicious script injection, two copies of the site not being consistent for any reason, etc., we can roll back to previous versions and pinpoint when issues were introduced.
- We use the testing-staging instance of the site to determine if all updates are good to go to the live production site. We may stand up different backups to test for particular issues while in the testing-staging environment.
- For more expensive plans the diversity of backup locations, quantity of backups and frequency of backups only increases, giving us more flexibility to track down bugs, protect against malicious behavior, and just be generally in a better position as your managed services provider when facing a worse-case scenario.
- Think of it like save-states in a video game. You can pause and save the state of your website easily and reload the site at previous save-states easily. Git does basically the same thing that we do with backups, but it is a much faster and more nimble approach to handling differences between software versions.
- Think of your website as version 1.0 when it launches, then over the course of each software update it’s version number increments to 1.1 and then to 1.2. Git helps us organize those versions and easily switch between them when necessary.
- Yes, your website is software, and software is not a fixed, set-in-stone type of thing. It’s not like a brick building. It’s like a mud hut that constantly needs maintenance so that it doesn’t turn into a pile of mud.
As much as the popular perception about websites and other software is that it is some sci-fi, perfect, serene solution, it’s not. Software is made by human beings solving logical problems that are constantly growing and developing. Likewise, software that is being updated is becoming something new on the inside while it may look the same on the outside.
- All of that to say, backups of different versions over the years can be very helpful, because the site is like a living breathing thing that is constantly growing and changing with each set of updates, and each set of changes needs to be backed up. Depending on your plan, we will determine how far back in time to retain legacy backups of the stie.
- The difference between partial backups and full backups is in what is actually being stored. A full backup stores an entire version of the site and it’s database. An incremental backup only includes what has recently been changed and it’s database.
- We hold a combination of full backups and partial backups of your site. This diversity in backups gives us flexibility, speed and redundancy.
- We always take a full backup before making code updates. We make incremental backups on a regular basis. Depending on your plan, the frequency and diversity of backups and their locations will change.
- Depending on your plan, we will track activity on the site, monitor uptime, scan for malware, harden Wordpress, and run a firewall. These services improve our capability in protecting your site proactively while increasing our flexibility to respond in case of an attack.
- Uptime monitoring is making sure that your site is fully functional at all times of the day. We will be alerted incase the site fails for any reason, and will therefore be able to act swiftly, kind of like how firefighters at the Fire station here the alarm bells go off when there’s a fire, we’ll be able to respond quickly if there’s an emergency.
- Logging keeps track of what has been changed on your site. We can review the logs to see if there’s any signs of malicious behavior. When a site doesn’t have logging it’s like flying a plane blindfolded--from a security perspective.
- Logging helps us identify a data breach sooner. The average time for software breaches to be identified is over 200 days.
- According to the Open Web Application Security Project insufficient logging and monitoring is the bedrock of nearly every security incident.
- Malware can come through many different vulnerability points, such as third-party plugins or themes used on the site. If your site has some level of customization to it, and it’s not just plain HTML and CSS on a webserver, then there’s still the possibility for malware injection.
- Your existing website hosting solution will be assessed to see if it supports your website goals. Here are some of the common webhosting requirements:
- Apache / nginx / Litespeed
- Supports latest versions of MySQL / MariaDB
- Supports latest version of PHP
- File Manager
- AutoSSL (or similar SSL management and auto renewal)
- No, you can have your site transferred over to Fire and Hammer for hosting if you would like!
- Feel free to reach out to us to discuss your business goals, then we can talk about options.
- You will see your website's update history with the basic plan. With the more robust plans you will have security and performance reporting.
- You will have a client portal that displays all of your reports.
- We will primarily use email to let you know about any security issues, outdated plugins or themes that are no longer supported, and any other concerns or questions.
- As your website is changing we will be letting you know if there's any decisions that need to be made regarding making changes outside of the scope of your contract.
- We optimize your site through various means that are standard in the web industry, such as server-side and client-side caching, image optimization, Content Distribution Network, File concatenation and minification, selective file loading, removing unnecessary files, database optimization, preloading, etc.
- It depends on your site and the investment plan we agree to. After the initial EIG we will have a better idea of what is possible.
- While we highly value all of these tools used for measuring page speed, we’ve found that the experience of your actual targeted end-user on the site is what really matters. So, our goal isn't to get a great score on Lighthouse, but to get great performance for your target audience.
- First off, it depends on the goals of your website. One of our representatives can have a conversation with you about your options--how your target audience and brand are affected by the path you choose.
- When a site is optimized for speed, it gets to a point where speed optimization returns are less and less. Usually the biggest gains are made in the 1st 3 months.
- While part of speed optimization is tool-based and therefore requires a recurring cost, the other part is service based and requires a fixed non-recurring cost. The service work can be spread out over months or all be done at once.
- So, there is a recurring cost for performance to be maintained after the initial service work has been done.
- When we say restoration we mean the ability to restore the site in the case of an emergency. This is different than just backups. Backups are not only for rolling back versions during updates but also are for preparing for restoration during an emergency.
- With technology there are many things that can go wrong. The site could be hacked, held ransom, display pornography by hackers, etc. In a case like this we would need to remove the hackers and any malware and restore the site. A case like this is called emergency restoration.
- In short, Fire and Hammer is not liable if the site goes down or a restoration / hack removal attempt is unsuccessful. There is no refund if Fire and Hammer is unsuccessful or if the site is down for any reason.
- Yes, depending on your plan you will have a set number of hours included for restoration. If the restoration hours are on pace to exceed the number of hours included in your plan, your project manager will have a discussion with you about your options moving forward.
- If the site is critically down more often than once every 6 months, then plan prices are subject to increase.
- Successful restoration in a disaster recovery situation does not determine whether Fire and Hammer is paid for services rendered. This is due to the ever-changing world of security and hacking. We can't guarantee results because we don't know what hackers will try next. Our goal is to protect your site and brand to the best of our ability, and we can't promise anything beyond that.
- We have options moving forward. 1st, we don't recommend negotiating with hackers. 2nd, we can kill that server instance and restore the site quickly on another server instance.
- Because of frequent backups and securing different tech through isolation, we can usually restore quickly.
- Yes, if you bring a hacked site to us, we start with a plan to get it back to neutral, then we begin monthly maintenance.
What's not included
- These services are not included in a maintenance package and will be considered an additional cost as a start-stop project (if you would like to purchase development / design / content hours in bulk on a monthly recurring basis please let us know and we can build it into your plan):
- Web Development
- This means customizing the site's code, not just updating and securing it. An example of this would be changing the size or color of text on the website.
- This means writing copy or producing content or even choosing stock images or videos for your website.
- Graphic design / web design
- This means editing photos, creating graphics or any other type of visual media for the site.
- Web Development
- To be noted, sometimes when websites are updated certain aspects of custom code, themes, or plugins become obsolete or broken. When this happens Fire and Hammer will bring the issue to your attention and you will be presented with options for moving forward.
- If your website is breaking or failing with each update we can discuss options such as starting over with a fresh site, or modifying the current site through custom development. Changing the site is a separate service than the maintenance plan and therefore an additional cost.