Support & Maintenance

Website Maintenance, often referred to as maintenance updates or site updates, is the practice of creating backups of a site, updating the software and applications/plugins being used on the site in a systematic way, and doing quality assurance checks to ensure that the website remains secure and that bugs or errors have not been introduced as a result of maintenance-related changes in the software code.

We recommend that all websites undergo regular maintenance to maintain security and keep them running smoothly. Some website managers who are comfortable with their site functionality and the process find that they are able to manage this maintenance on their own, while others find that a maintenance plan provides them with the peace of mind to know their site is being properly maintained, is secure, and has ongoing monitoring in regards to proper functioning.

Developers who are creating, troubleshooting, and improving applications/plugins and software are publishing changes to their products every day. As such, there is no standard time to do maintenance, whether it be on a daily, weekly or monthly basis. This is why we perform maintenance during the last week of the month or quarterly on the last week of the third month. This schedule allows us to ensure all updates are made on a consistent basis.

While most updates provide new features, increase the efficiency of an application, or implement simple bug patches, the purpose of some updates are to fix or “patch” a security risk. These updates should be made as soon as possible to minimize the risk of your site being hacked, being hijacked by an unknown third party, or of your data being stolen. Running security updates are urgent tasks because leaving known vulnerabilities on a live site is full of risks. Our team completes all security updates for our monthly maintenance plans promptly upon notice that a security update has been released. 

In some circumstances, security vulnerabilities are so severe in terms of risk that web hosts will force an update to the impacted plugin or even to platform core themes. This can result in issues occurring with the live site’s functionality due to the lack of a quality assurance process in these instances. Our team often patches security vulnerabilities before web hosts force these types of updates and uses our regular quality assurance process to ensure that each site has not broken in terms of functionality when one of these security patches is applied.

If you are storing data on or obtaining data through your site, you may be held responsible in the event of a security breach. It is vital to ensure that all sites that store or obtain data have security patches promptly applied and have a compliant privacy policy.

Websites that are out of date or are running software and application versions that are no longer commonly used or monitored are a higher security risk for several reasons. 

• When an application/plugin version is out of date, security risks are less likely to be identified or communicated. 
• It is likely that documentation on how to hack into or otherwise harm a website with older insecure versions of software in place is easy for hackers and other outside parties to find online. 
• Outdated plugins may use unsupported out-of-date coding standards, which can cause major visual or functional errors on a site or eve cause a site to become slow and non-performant.
• In some cases, a long pause on site maintenance can create a situation where the “upgrade path” for the software is no longer possible. In these instances, the only real option to preserve functionality is to rebuild the feature or integration from scratch.

There are a few instances where you might want to wait on updating an application/plugin. 

• New Versions of Website Platform: Sometimes the latest major version of the core platform on which we build websites (i.e. WordPress core) will have a few bugs with its initial release. We track new versions of software vigilantly and watch for issues on other sites as each new version of the software is rolled out. Once we’re certain that any lingering issues with a major version of the software have been resolved, we include this major version update in our next round of maintenance.
• You do not have a current license for the plugin: While there are some free plugins available, many require the purchase of a license. You may be required to submit your license key prior to updating these plugins. If your license has expired, you will not be able to update the plugin until you reactivate it.
• Updates may not be available/compatible with current core version: In our regular workflow, we test ALL updates on a staging site first, and we pay special attention if a plugin is flagged as “not compatible.” If testing on a staging site does not show any issues, then it is generally safe to deploy these updates to the live website. 
• Something in the update breaks functionality on your site: When we update plugins and core themes, we review the release notes for the available update to ensure that the update in question will not cause issues with any given site’s known functionality. We also do quality assurance testing on a site to make sure that these changes do not cause visual or functional issues.If there are ongoing issues with a plugin or we believe we have found a bug in an update, we reach out to plugin developers to report the issues we’ve found. We have even worked with these developers to test and deploy patches on our clients’ sites before the fixes are available to the general public!

Each plugin or application you have connected to your site is an additional element that increases a site’s complexity and, therefore, security risks. Removing unused plugins is considered best practice for site security. Unnecessary and unused plugins can reduce the performance and speed of a website by loading assets when web pages load that are completely unnecessary for the display or functionality of the website.