Choosing a Website Developer (Part 2) - Website Security is VERY important.

When choosing a website developer, there are a lot more things one should take into account these days, besides price. The good-old-days are unfortunately gone, so having mom or pops develop your website, or your best friend's cousin's brother just isn't going to cut it. Having it developed offshore, in for example India or the Philippines, or by a newbie developer just out of school, probably isn't a good idea either.

In the following scenario, one that we see way too often, I'll explain why.

Client: I had the development of our website contracted out to X - it is incredibly slow and keeps on popping up errors. The developers are in country X and I really don't want to deal with them anymore.

The Problem
There are most likely 2 problems with this website:

  1. Hosting: so you're paying $5 a month hosting and are wondering why the website is slow. Sadly, you get what you pay for. $5 hosts end up piling thousands of websites onto any giving server and all of those websites have to share the resources. The only solution in this case is to move to a more reliable server. Another concern one should have with a shared host is that if the server hasn't been configured properly, and a LOT of them haven't, one user can sometimes access another users files and database. Another reason it could be slow is....
  2. You've been hacked - Now what!: it's pretty scary how many hackers are out there these days. Granted, most of them are script kiddies who have just downloaded some hacking kits, but none the less, both can harm you. The script kiddies generally just deface your website - which seems bad, but really isn't if that's all they do - whereas the real hackers have more sinister agendas and you generally won't even know that you've been hacked. The real hackers want to steal data and personal information. Both the script kiddies and real hackers get into the server by exploiting some vulnerability, be it a security patch that wasn't applied, bad coding (sql database injection), password sniffing, trojan on a user's pc, hacked email account etc. On a shared server that isn't configured properly, this ends up being disastrous as hacking into one site could potentially give the hacker access to the ENTIRE SERVER.


The Solution
When selecting a developer, you shouldn't think of the developer as a once off builder and move on kinda deal. It's a better idea to partner with a developer who has a track record, and will provide ongoing support, security and maintenance. If your website will gather/host sensitive data, then you really need to have a developer/security specialist that knows what he's doing. Having a website built and trying to host it yourself these days is a really bad idea: free platforms (such as wordpress, joomla & drupal) & free modules change so quickly, so unless you are going to be downloading and applying updates to the platform and modules yourself, chances are your website will be hacked in the near future. Solid developers should, within their maintenance plan, apply these updates and more importantly security updates for you. In reality, what we've found is that, this does not happen. Unfortunately contracted out web development generally means that you end up with the hosting responsibility, and there is a lot more to hosting than simply uploading some files.

We assist in this kind of scenario by:

  1. Hosting: importing your website into our Tier 4 (best that you can get) nailed down server environment. 
  2. Re-engineering: we generally only import your website design graphic and data into our morphogine platformWe then replace the existing modules with our similar morphogine modules, and we secure and bug check everything - so we'll remove any hacker injected code that we find. For a list of advantages of using our platform, see morphogine platform advantages.
  3. Immediate & Ongoing Security: All of our clients also get our 24 x 7 x 365 website security monitoring services for free!
  4. Kick Ass Support: If your current developer/host doesn't get back to you within 4hrs, then you're with the wrong developer/host. We generally respond immediately or within an hour to requests. Support & Security are of the utmost importance to us!

Once we have launched the re-engineered website, we provide free bug fixes as long as you are a client with us, and our fixes are generally applied within 1hr. We are also obviously on top of any hack attempts as they occur - believe it or not, hack attempts pretty much occur every second of the day. Our morphogine platform also monitors all of our client websites and notifies us if any bugs are encountered - we fix bugs and apply updates the same day of the notification. We also push out any new functionality and updates to all of our client websites as soon as it is released. Get Started with our RFP.

Posted in Choosing a Website Developer, Managed Platform, Web Security. Tagged as CMS, Fix Hacked Website, Web Development, Website Support.

Post a comment (* required field)

Name *
Email * (will not be published)
Comments *