Over the past two decades, TM has worked tirelessly to build and customize each website to a client’s specific need. We’ve cut, designed, coded and stayed up well in to the night to ensure the end product is exactly right.

When it’s time for us to turn the keys over and let our clients take their website for a spin, we can only advise them to wear their seatbelt and observe the speed limit so many times. Sometimes, it takes a security exploit for people to realize just how important monitoring and maintaining their website really is.

Take these next two examples as learning moments from our clients. You may not only save your website’s security, but a considerable amount of money as well.

A Content Nightmare

TM built a website optimized for SEO, with customized plugin’s – the whole nine yards. At website launch, and during the WordPress training afterword, we suggested to the client that a monthly maintenance retainer was advisable and listed out the advantages. They respectfully declined, and we respectfully complied.

Approximately a year passed with the client neglecting updates. Several major version updates had been missed, as well as a security loophole fix in the platform. Because of this, the site was hacked and we received a surprising call.

The hack was an unexpected one. Our client was seeing random bits of content on his website changed out for garbage spam, and it wasn’t just any spam. Specifically, his content was being replaced with verbiage relating to “Viagra.” Due to the sensitive nature of this hack, we labeled the case “High Priority” and immediately dove in.

We found that when we accessed the administration content-editing area for the effected page, all of the content was still there in its rightful place. However, when you would view the public-facing page, all you could see was the “Viagra” text.

The Solution

The TM team discovered that the hacking attempt had injected buried JavaScript snippets, which were replacing the client’s content with spam text the moment the webpage loaded. This explained why the verbiage was hidden when the administration area of the website was accessed. In order to clean up any instances of the injection we ended up spending approximately 5 hours scouring each individual file within the installation.

We then spent an additional 3 hours updating the entire WordPress platform, all of its respective plugins, and crosschecking the website’s functionality to ensure it remained in tact past the update.

The lesson? If the proper website maintenance and updates had been performed as they became available over the course of the past year, or at in quarterly update increments, it may have saved them time, money and the ensuing embarrassment!

Server Meltdown

This second example, while slightly more rare than the first, has the potential to become much more serious. The client hadn’t updated to the latest available version of software and the website became an entry point for a DDoS (denial of service) attack.

A DDoS is a type of DOS attack where multiple compromised systems, often infected with a Trojan, are utilized to target a single system. 

Such an attack intermittently (and sometimes for extended periods of time) takes down the server the website is hosted on. This hack was possible because a security loophole was taken advantage of on the clients website, due to the outdated software and a virus, which became the staging point for the DDoS attack and injected in to the server.

The Solution

Luckily, we were able to contain the issue relatively quickly and stop the DDoS attack, preventing any further damage from happening. In order to ensure that each of the potentially affected files within the server were located and the virus was eradicated, the TM team spent approximately 6-8 additional hours of maintenance time. In total, the damage required us to spend over 10 hours, which the client paid for out of pocket.

In this case, we ended up taking further security precautions in an effort to keep out other client’s websites safe, sound, protected and online. The client needed to agree to a monthly maintenance contract with us to ensure consistent software updates, or else they could to move to a different server with their own host.

In the end, a monthly retainer package was agreed upon and our client was ready to focus on what mattered most to them again- their business!

Let us maintain your website so you can spend more time on your business. Contact Us today to get started.

Leave a Reply

Your email address will not be published. Required fields are marked *

Read Related Posts