The importance of website maintenance & support packages

Website maintenance may not be the most exciting subject, but you could argue that it is the most important one. You need a basic understanding of it; just enough to recognise the value of a maintenance and support agreement for your website. Spending a few minutes to read this article is a wise investment – we’ll try to make this quick and painless.

And that’s largely the point – pain avoidance. Taking short-cuts around the ongoing health of your website is a false economy. It’ll cost you a lot in missed opportunities if you don’t have an efficient route to incremental improvements. We will be covering some of the more palpable benefits that go beyond security. But most importantly, neglecting to have professional stewardship of your website could cost you the whole enchilada if you can’t keep it from being hacked.

Why is my site not inherently secure?

Because nothing is – a bank vault isn’t perfect and neither is a website. If a skilled team of developers built your site well and if your own team practises basic cyber hygiene (I’m wagging my finger at you, password1234), then you should have the battle largely won. But the war’s not quite over. It never is.

That’s because software is ever evolving, and its exploits move with it, becoming more sophisticated through time. Content management systems like WordPress need ongoing maintenance in order to combat these cyber attacks. Keeping the core software and plugins up-to-date helps patch known vulnerabilities and prevent potential security threats. Regular scans and monitoring can also detect any suspicious activity and provide timely remediation.

Can I handle my own website maintenance?

You could try. There are tools available that will help automate many of the processes involved in running updates, for example. But how do you test the effects of an update to any one of the constituent pieces of software? Changes can, and occasionally will, be ‘breaking changes’. These will have some knock-on effect on how your site works, potentially on a seemingly unrelated part of the site that could go unnoticed for some time at your expense. They can even cause ‘fatal’ errors that will take your site down completely. 

You’ll need to factor in a systematic approach to updates, so that you can mitigate these risks and identify problems. Then, when you encounter one, you’ll need a zero-downtime mechanism to instantly reverse it. Finally, you’ll need the programming knowledge, tools and experience to resolve the bug and keep moving forward.

The retainer to the rescue

A ‘retainer’ agreement with a good dev team makes the ouch go away. They are committing to dedicate a set amount of their time every month to you. Now you can be sure that they’ll handle the security and maintenance legwork to make your life easier. And if your agreement goes beyond the absolute minimum maintenance time per month, they can make you more productive. More on this in a moment.

First let’s just get a slightly clearer picture of the bread and butter of a professional maintenance package. At Shape Works, for example, our process would include:

• Getting the site running on our own machines with a special WP architecture. This prevents software updates being performed directly on the server and shuts down most routes for exploits to infiltrate the system.
• Updating all libraries and third party code.
• Performing some basic testing for any incompatibilities between third-party code and bug-fixing where necessary.
• Deploying to a ‘staging’ site which mimics the live website server environment but does not affect it. After running checks here, we can be confident about deploying to ‘production’. 
• Go live with our updates by using our custom atomic deployment process. This way, the site and CMS is still fully accessible while the codebase is being overwritten.
• We also monitor any site downtime using a tool which sends urgent security notifications about your site directly to our inboxes.
• When time allows, we invest a little extra elbow-grease on codebase maintenance, updating it in line with our newest projects. It’s always good to take measures to reduce the accumulation of technical debt over time.

Beyond security

With an ongoing maintenance package, you’re fostering a valuable working relationship with developers that know you and your site. They have all the right technical systems in place to support you efficiently, and this means that you always have new opportunities at your fingertips. Keep in mind that a website is a project that is never truly finished. Even if you were smart and meticulous about its design and development, you will undoubtedly discover ways to improve it later on, which go beyond simple editorial adjustments to the website’s content.

Enhancements might include:

• Ironing out workflow pain-points for your marketing team
• Steadily optimising performance and accessibility for your users
• Adding new features catering to unexpected shifts within your industry
• Adjustments, large or small, in response to analytics feedback

You decide what your priorities are in any given month, and agree with the devs which of your/their suggested tasks should be tackled within the allotted hours. This way, you get to enjoy the benefits of continuous improvements within a manageable and predictable rolling budget. This is likely to be much more cost effective than sporadically securing some ad-hoc dev work, and more feasible than establishing your own dedicated development team. And your retainer agency will start to feel like part of your team anyway, as they become increasingly acquainted with your website’s codebase and objectives, and increasingly invested in keeping you happy, to nurture the partnership. As such, a professional retainer plan for your website not only keeps the ship water-tight, it keeps it on course.