Why pay to maintain my website

So, you’ve created a fantastic website.  You spent a bit more than you initially wanted, but the end result is beyond your initial expectation too.  Having spent your money you now all you want to do is leave it to itself and forget about it for a while.

But, now the agency that designed the website are talking about a maintenance contract.  What exactly is that all about?

What is website maintenance made up of?
There are two types of website maintenance.  The one that I’m not referring to in this post is content maintenance.  A website is only as good as the content.  If you have nothing to say then don’t expect much traffic and as a result, too many enquires.   Live, organic, informative, changing, engaging content is key to Google success, which in turn leads to inquiries.

The second type of maintenance is software infrastructure, the core code that makes up your website and the plugins or additional scripts that makes your website stand out.  That’s the focus of this post.

Website maintenance.
Just like any software (Windows, Excel, Dreamweaver), the codebase needs to be routinely updated to support the latest hardware updates and to keep pace with new, more robust features.  The software that makes up your website is exactly the same.  
The most obvious example is security.  As your website dates, it becomes susceptible to malware and virus’.  Unless these vulnerabilities are managed your website could be compromised for significant periods and at great expense to fix.

The popular CMS ‘WordPress’ is particularly vulnerable because of its popularity.  The thing that makes it so popular (free to use) is the thing that makes it attractive to hackers.
Yes, you can get alerts when plugin updates are due, however, you need to test these updates to ensure they do not negatively impact your main website.

What does a contract include:
Framework updates to ensure that the very core of the website is operating efficiently.  You want to know that the code that underpins your website is not suffering from memory leaks or performance overloads.
This can only be done by a regular monitoring of the site. 
If left until an issue arises it can cause a noticeable disruption to performance (affecting your business) and a big chunk of time/money to resolve.

Plugin updates need to monitored very closely.  Free plugins are extremely attractive to developers because of the time saving the present, however free comes with a cost at some stage and that’s security and compatibility.  As updates are made available you can’t assume the new plugin will work seamlessly with the rest of your site.  Just as the old one was tested for compatibility, the new one should be too in order to avoid crippling your website.

Site Backups are part of most hosting agreements, but not all hosting agreements are created equally.  You don’t want to find that your site backups are only available for certain restore points, or that the database can be restored but not the files.  Before any plugin or core file updates, you need to know without hesitation that a backup is available to restore the working copy immediately if an update fails.

So what would an update involve
Typically we review your website once a month.  We check the speed and the loads it places on the server.  If we find issues we determine what is causing it and if it is website related we address those issues.
At the same time, we look at the core website software and make sure there are no alerts circulating about emerging vulnerabilities.  If we find any we schedule an update.
During the same review cycle we look for alerts affecting any plugins used on your site and if necesary we update or disable the plugin.  
If we have to disable a plugin we need to find an alternative solution (however this may involve additional costs beyond the standard contract).

If we find that an update to code is necessary, we do the following.

  • We make a complete backup of the site and it’s databases
  • We document what test we intend to conduct to ensure the plugin is working
  • We apply the plugin update (out of office time) and run the test
  • If anything goes wrong we do a complete restore and investigate what is required to do better update.

Site maintenance is a necessary precaution to making sure the website you developed to generate business enquires continues to meet it’s objectives.
It is not something you want to avoid.





Why upgrade WordPress if it’s working

Lots of customers we work with come to us because they have an outdated website that is based on the WordPress framework, whilst others come to us specifically requesting that we develop their site using WordPress.  Whether the site is an established site or a brand new one.  Making sure you the version of WordPress you’re using is critical to the success of your website.

I’m safe, no one would bother hacking my site.
It’s reasonable for customers to suspect that hackers only target corporate or government websites that handle sensitive financial or customer information such as credit card numbers and personal information. However, this simply is not the case.  Over the years a number of our clients with simple informational websites have been hacked by malicious software. Hackers write code that automatically scans the web and identifies vulnerabilities within websites running older, expired software. 

Sometimes the hackers are only doing it for vanity (look what I can do), other times its so they can use your website to transmit span across the internet using your email accounts. 

In rarer cases, hackers want to hold your website for ransom until you pay them with money – Bitcoin.

If you’re on a shared hosting server, they may be using your site as an indirect access to another site, but causing you disruption in the process

  • Hackers may want access to the server where your website is hosted, and by gaining access to your website, they may be able to extend their hack to the server and all the websites that are hosted on it.
  • Hackers may want to use your web account to send emails or host content hidden from view.
  • Hackers may use your website to promote products or illegal content by hiding links inside your code, even though you can’t see it, it still can boost their content within the web.

What should I do
If you’re using WordPress, it is critical that you keep your core code and plugins up to date. Always update to the newest releases, which often contain security patches.

Of course, this option only works reliably in WordPress as long as any customisation to the website theme or core functions was conducted by a competent WordPress practitioner.  If they simply hacked updated onto your website, upgrading to the latest version of WordPress, without backing up your code could be the worst option.

WordPress is built to alert you when updates to the cored (minor & major) updates are available.  It also provides this advice for its plugins.

Automated Plugins
For some people, being told that an upgrade is available is not enough.  They may be time poor or simply not interested.  Luckily there are free plugins to help with  hate

Easy Update Manager
There is also a very powerful plugin that allows you to automate the backup process.  The plugin lets you choose which plugins you do not want to update automatically.

UpdraftPlus Backups
This free plugin allows you to schedule backups of your website and offers you the opportunity to automatically back up your files and databases locally or externally (Dropbox, Amazon etc…..).


WordPress – Why not to use it.

WordPress is the most popular CMS (content management system) in the world with a market share of 20% of all websites on the internet.

However, here are a number of reasons why not use it.

Security & hacks
Because of it’s popularity, WordPress is routinely targetted by hackers.  Often people say that’s not important to because no one would want to hack my site.  But hackers target vulnerabilities in exactly your type of website because they aren’t regularly maintained.  Once compromised, your website is used to send spam across the internet.  WordPress is extremely vunerable unless regularly maintained.

Inconsistent Programming 
WordPress have a very mature development framework, however there is nothing to stop developers adapting their own approach at every level.  This has two negative consequences.  It becomes extremely difficult to manage code if you can’t anticipate where the developer is making their coding updates, especially if you have more than one developer working on a project.  And if developers are not following the established development framework you application is likely to fail after the next major core WordPress update.

One of the best features of WordPress is the availability of a massive library of free or commerical plugins.
There are two drawbacks to this.  Not all plugins compliment each other and installing one plugin can disable another, causing significant development time fixing the issues.
Second drawback is that because a free plugin may offer 90% of what you want, people often settle of sub standard solutions without asking what it would cost to have their actual requirement delivered as desired.

Availability of developers
Not all developers are created equally.  WordPress is free, it’s plugins are free and there are tons of tutorials on Youtube to help you get development started.  However at it’s core, WordPress has a mature framework for ‘correctly’ developing applications.
Few ‘competitively priced’ contractors have been trained properly to develop applications using the framework.  The net result is you hire a developer who gets their task done on time and to a low budget.  However, that developer didn’t comply with the framework, so unless you rehire them, the next developer (experience or not) will have to learn what the previous developer did before last time before they can begin to look at your next project.


WordPress – 5 reasons why you should use it

Here are some of the top reasons for using WordPress as the Content Management System (CMS) for your next website project.

WordPress is the most widely used CMS in the world.  Roughly 20% of all websites build use it’s development platform. As a result, many users are already familiar with the WordPress CMS, requiring less staff training when building a new site.

Open Source (Free)
At the most basic level the product absolutely free.  You don’t even need hosting to get started as it can be hosted on it’s free shared hosting platform.  There are tons of plugins to extend it’s capability for free and there are thousands of free design templates to get you started immediately.

Development Framework
For those who want to dig below the surface and develop their own unique design templates or application, WordPress offers a development approach that if followed correctly, ensures their applications will be speedy and will continue to operate successfully through successive core upgrades.

Simple to use
WordPress was initially designed as a simple blog posting tool.  As such, if all you want to do is post a blog, it’s simple to use straight out of the box.  As the application developed in a CMS that was suited it more complicated projects it’s developers stayed true to the original administration environment.  This means that it’s as easy to use the fully featured rich CMS as it was to use the original simple Blog.

Low maintenance costs
Because it’s a mature product, incremental upgrades are simple to implement.  In fact automated updates can be set up so that the core files are always up to date.  And, because of it’s popularity its easy to find trained designers and developers at competitive prices.

WordPress – Tinymce extra plugins

The text editor for WordPress is based on the open source text editor, TinyMCE.

This is quite adequate for basic projects, allowing you to select for a reasonable variety of fonts and colours and offering you a great deal of formatting errors.

However there are limitations for those more design focused CMS users.  But, all is not lost.  Within the plugin library there are three very useful associated plugins that significantly enhance the functionality of the editor.

TinyMCE Advanced.
This wonderful plugin will add a very impressive array of additional routines to the standard editor.  Once installed and activated you’ll find a range  of new tool buttons on the editor menu as well as a host of additional routines/buttons that you can add as required to make the most of the editor.

One particularly useful feature in TinyMCE Advanced is an option that prevents the editor from stripping out HTML tags such as <P> & </br>.   For anyone who has experienced the frustration of the characteristic of TinyMCE this is a great find.

TinyMCE Custom Styles
The standard range of selectable fonts is impressive, but designers are never happy with standard.  So, if you are using custom or google fonts, how can you allow users in the CMS area the luxury of using these fonts to modify text content.

Well TinyMCE Custom Styles is the answer.  It allows you to work with every style imaginable and all make the styles available from the “format” button on the TinyMCE Advanced menu.

Of course we’re assuming that you have made the font available to be used in the first place.  If not, you need to read about loading custom fonts.

You can create unlimited styles from the “Settings > TinyMCE Custom Styles” menu.
Once you’ve added them, you can access them from the editors button bar, selecting the Formats > Custom Formats option.

TinyMCE Color Picker
So, the colours that come with the TinyMCEs colour picker is limited.  Activate the TinyMCE Color Picker plugin.
Next time you go to use the editors colour picker you’ll find an option to add your own custom colours.

Bootstrap & Less – compile online

If you’re using Bootstrap for projects, including but not exclusive to WordPress, you may come across issues such as pages not responding correctly on devices such as iPad mini.

In my instance I couldn’t get the navbar to collapse correctly in either landscape or portrait mode.   Nothing I tried worked for my “twentyseventeen” based themed project, despite the fact that all other settings I worked with did obey my directives.

I found the solution was to modify the bootstrap file using LESS to apply settings such as “@grid-float-breakpoint”.

Rather than going into a lot of depth regarding LESS and compiling a compiler to set it up, I went to the Bootstrap official website and used their online compiler which generates the customised version of bootstrap.css & bootstrap.min.css

From here you can apply your modificatios and allow it to generate the new file which you download and transfer to your website.


WordPress – what plugins should developers use

WordPress is an excellent CMS engine and has lots of plugins that extend the range and functionality of the application.

As a developer, what plugins are most useful to developers.   Any list is open to debate and new tools are allows coming online.  In the most part this list is made up of free tools.

Coming Soon Page & Maintenance Mode
this is a very handy plugin to let people know your site is under construction or redevelopment.

Query Monitor
Accessible from the admin menubar, this tool enables you to see what is happening under the hood.  This has saved me hours of debugging.

Error Log Monitor
This has been brilliant for helping find out what is happening with my PHP code and database calls.

Email Log
The free version doesn’t show a lot of information, but it does confirm if emails from your application are getting sent or not.

Advanced Custom Fields   ( & Pro)
Unless you want to really get into the code, ACF is a fantastic tool to  allow you to create posts with unique data that can be presented in the front end.
The Pro version really builds on the free version.  But the free version is fantastic.

Custom Post Types
Another great tool to allow developers to very quickly modify the basic post type and give you a easy means to categorise groups of data.

There are heaps and heaps of tools, but this simple set of plugins will get you a long way to developing a custom type or application.

My custom Functions
This excellent plugin allows you to add php routines to your theme without having to modify the “functions.php” file.

One added benefit of this plugin is the fact that if you have PHP syntax errors in your code, you will not kill your theme as happens when you make mistakes in the functions.php file.

WordPress – CF7 – select fields – CPT

I recently had a challenge.
I had to create a form in WordPress which featured a select box.
Nothing fancy about that, except the owner wanted the select options to be based on the content of a custom post type.
This is proved to be quick trickey because I couldn’t find a CF7 (custom form seven) add on which allowed me to do it, so I had to create a routine to provide the functionality.


// this is the custom shortcode I add to the custom form.
wpcf7_add_shortcode( “committee_positions”,”page_handler” );

// this select will support muli-select options    –  so first, lets do the query to get the custome post data
function page_handler(){
$query = new WP_Query(array(
‘post_type’ => ‘committee_positions’,
‘post_status’ => ‘publish’,
‘posts_per_page’ => -1
// now lets create a string (called $html) to create the string of to make up field

$html=”<label>What positions are interested in?</label><br/>”;
$html.= “<select name=’comm_positions[]’ multiple=’multiple’ style=’width:58%’>”;
$html.= “<option value=’Undecided’ selected>Undecided</option>”;
while ($query->have_posts()) {
$html.= “<option value='”.get_the_title().”‘>”.get_the_title().”</option>”;
$html.= “</select>”;
$html.=”<br/><i>You may select more than one</i>”;
// reset the query & return the string  (called by the shortcode)

return $html;
// handle the additional data (custom field) that is now available in the standard CF7 form

function filter_wpcf7_posted_data( $posted_data ) {
return $posted_data;
$posted_data = apply_filters( ‘wpcf7_posted_data’, $posted_data );
add_filter( ‘wpcf7_posted_data’, ‘filter_wpcf7_posted_data’, 10, 1 );
remove_filter( ‘wpcf7_posted_data’, ‘filter_wpcf7_posted_data’, 10, 1 );

WordPress – adding Google Fonts

There are tons of ways to add and reference custom fonts in WordPress.  Unfortunately not every available option is recommended.  In the worse case scenario you can break your theme.  In equally unsettling circumstances you can find your fonts are no longer available because of a theme update.

So, how should you declare Google fonts so you can safely use them in your WordPress Theme.

The way I’m doing it is to declare and load them in the themes functions.php file.
Depending on whether or not you’re working with protected Child-Themes you should be able to easily locate and update this file.

In the instance below I have referenced two Google fonts, Raleway and Open Sans.
Then I load them when initiating the theme.

function google_fonts() {function google_fonts() {
$query_args = array( ‘family’ => ‘Raleway:400,600,700|Open+Sans’,
‘subset’ => ‘latin,latin-ext’ );

wp_register_style( ‘google_fonts’, add_query_arg( $query_args, “//fonts.googleapis.com/css” ), array(), null );            }            

add_action(‘wp_enqueue_scripts’, ‘google_fonts’)

Having loaded them, they can be used within your css files.
ie.   p{font-family: ‘raleway’; font-weight:600;}

WordPress working with ACF Pro

One of the best features of the WordPress plugin “Advanced Custom Field (ACF)” is the ability not just to add custom fields, but by extension the abilty to create field type called ‘repeat’.
This lets editors add rows of content that is associated with a field  (in a crude way it’s like having relational data).

So, having created the field and poplated it with data (for example, adding multiple images to a post to are presented in a  table)

// test if the ACF field has rows

if( have_rows(‘image_sliders’) ):
   // run through the rows to get elements in each row

    while ( have_rows(‘image_sliders’) ) : the_row();
      //  get_sub_field is the key

       echo “<div class=’imagecon’><a href=”.$theLink.”><img src=”.$theImg.”></a></div>”;
   else :

// clear query after use