Website Challenges 2020: Have You Addressed Them Yet?
Table of Contents
In our annual survey, we asked our clients what the biggest website challenges they foresaw encountering in 2020 were, wondering what we could do to help you overcome them. Now that the year is almost halfway through, it’s time to revisit what we’ve done so far to address those challenges and share some insights on how we help you tackle them, as well as tip you what to do about them on your own.
Cybersecurity is The Biggest Challenge
The majority of our respondents (54%) saw keeping their sites secure as the biggest technical challenge in 2020. And we totally agree with you! Cybersecurity is an ongoing process that should be at the top of the mind of any Internet user, professional or otherwise.
From the perspective of a web hosting company, here at SiteGround, we know that keeping our sites and users safe is a never-ending task. Hackers and all sorts of web criminals are getting smarter by the day and the constant and rapid evolution of technology leaves many doors open for software exploits. Keeping the software on our servers (like Apache, Nginx, PHP, MySQL, etc.) up to date is the first and most basic line of defense, but nearly not enough.
That is why we have a special team of security specialists whose main responsibility is to keep track of security reports and monitor for potential and unannounced yet exploits. Once they get a confirmation for a new vulnerability, they rapidly act to write custom firewall rules that patch it on day zero and protect the websites we host.
Then there’s keeping up with the latest technologies we can integrate. Take the encryption protocols that guarantee a secure connection between your browser and the server delivering the content. We make sure we always have the most recent one available for our clients to use – we were among the first to deploy HTTP/2, QUIC and HTTP/3, and more.
At the same time, one of the most frequent threats against any website are the DDOS attacks, which are getting more fierce and prolonged as server resources are getting cheaper over time. That is why our system administrators monitor our servers’ health 24/7 and take immediate actions to divert the bad traffic through software and hardware devices.
Then, there are brute-force attacks, one of the most common ways to hack a website by guessing their login details. We extend our server-level protection with an in-house AI-powered anti-bot software that monitors for malicious traffic and blocks from 500,000 to 2 million brute-force attempts per day.
All the security work we do as your host should give you peace of mind, but it would work even better if you follow a few security guidelines yourself:
- Use complex passwords and do not share them with anyone. It’s recommended to use a preferably meaningless combination of letters and numbers about 8 symbols long to make sure that guessing or brute-forcing your password is extremely hard.
- Install an SSL certificate. In case of a security breach, the encryption of the connection will keep your data safe (we offer the Let’s Encrypt certificate for free ).
- Use two-factor authentication to log into your apps and more specifically your SiteGround Client Area. This will make it quite hard for anyone to log in even if they know your username and password. Read here how you can enable the two-factor authentication
- Make sure you run on the latest stable version of PHP and WordPress or any other CMS you may be using for your site. Many clients postpone PHP updates, and even the more simple WordPress updates, out of fear that they may break their site and they will need to pay a developer to fix it. But believe us, when we say this – it’s a lot more expensive to fix a hacked website than the few broken queries potentially resulting from a version update. Additionally, we offer Managed WordPress auto-updates and a Managed PHP service, enabled by default for all new accounts, and which means that we will automatically upgrade your PHP and WordPress, so you don’t have to.
- We recommend installing a malware scanner as well, directly on your site so you can get an alert in case of a breach and act quickly. You can use a plugin, if it’s a WordPress installation, or use an external feature, like the popular anti-malware scanner we offer.
To find more on the best practices on WordPress Security, we highly recommend to check out our ebook 21 Tips to Keep Your WordPress Secure.
Improving Website Speed is The Second Biggest Challenge
Improving website speed is the second biggest challenge for webmasters, coming at 48% of all respondents mentioning it. There are a lot of things that could be done to improve website performance and just like security, it’s a never-ending task. As a website host, we’ve done a lot of things to boost the speed of websites on our servers, but we’ll focus on some of the more recent ones.
We have been working on a complete WordPress performance solution built in our SiteGround Optimizer plugin. The plugin makes a connection with the host server to allow sites to take advantage of the caching capacity and also integrates a wide array of front-end performance features, which you can read more about here.
An even bigger step for our performance-boost this year was the migration to Google Cloud infrastructure, which allows us to use their extremely fast network, high redundancy, and powerful N2 CPUs which offer nearly 40% faster performance!
Additionally, with the launch of our new Site Tools, we replaced the Static Cache with a new NGINX Direct Delivery. We no longer serve images, CSS, JS files, and other static content from the server memory, but we use NGINX for direct loading of these files from the SSD instead. This improves browser caching for your site and also makes CDN usage easier and more efficient. Most importantly, NGINX Direct Delivery allows more RAM space to be used for dynamic content caching, without compromising on static content loading speed. Read more here.
Since website speed is such a critical factor, there are some additional things you can do yourself in order to improve performance:
- Use the SiteGround Optimizer plugin and turn the dynamic caching ON. By default all our sites on all plans have the standard cache (Nginx direct delivery) turned on and it helps tremendously to the majority of the sites. But more dynamic sites also need dynamic caching and even Memcached turned on as well.
- Use a CDN (Content Delivery Network). CDNs speed up sites immensely by caching up and delivering static content from the closest to the user location, saving precious fractions of time. Keep in mind that a CDN also blocks malicious traffic and even reduces SPAM, so there are other advantages in using one.
If you want to read additional tips on how to speed up your WordPress site, make sure to check the free ebook 21 Expert Tips for an Ultra-Fast WordPress Website eBook.