Last week AWS (Amazon Web Services) had a prolonged outage which took out half the big apps on the internet – it’s a good reminder that regardless of what underlying cloud service you use, downtime is almost inevitable.
That doesn’t mean that we can’t take steps to reduce it. Almost daily we help customers with downtime issues that could have been avoided through some better planning and a few mitigation steps.
Here’s a few quick ideas for you that will help reduce downtime risk and generally make your website & IT infrastructure more reliable:
Table of Contents
Renew your domain for as long as your registrar allows- 10 years for .com
This is one of our perpetual recommendations and appears as an action item in all our audit services – renew your domain name for as long as your registrar allows. For .com domains, that’s 10 years.
Domains are dirt cheap BUT the entire online equity (sometimes the entire business equity) is held within your domain name but that generally goes unnoticed until something major goes wrong.
Every week we have customers who’ve forgotten to renew their domain and it’s a mad scamble to figure out who the registrar is and to get it renewed.
A simple way to avoid this problem is to renew the domain for as long as your registrar allows. That will eliminate the risk of domain renewal downtime for the foreseeable future.
It’s easy to do, effective and cheap so there’s no reason not to spend the 5 or 10 minutes right now and do it.
While you’re at it, it’s worth paying extra for whois protection and also buying the domain name variations for any additional countries you operate in.
Separate your hosting infrastructure across different providers
There’s 5 key parts to your hosting:
- Your domain name, which you buy from your domain registrar
- Your DNS hosting, which is what turns web addresses and other addresses into IP addresses and makes your domain work
- Web hosting
- Email hosting
- CDN or content delivery network
Many businesses make the mistake of hosting these with one single provider which means an outage can take the business offline entirely. If you separate the hosting of these elements, they will be significantly more resilient and say if your web hosting goes down, if the components are separated, your email hosting will keep working.
At the bare minimum you should understand which provider you’re using for each of these services and the logon details. Also important to use two factor authentication for the logons as broadly speaking, if a single one of these services is compromised, they can be used to compromise other services.
DNS hosting in particular is usually overlooked but just like your domain name, your DNS hosting security is also of critical importance.
If you’re dealing with sensitive customer data or have a system whereby customers are logging directly into your infrastructure, it’d be worth looking into DNSSEC and getting this setup for your domain. This helps ensure that your DNS records can’t be spoofed, an attack that higher profile businesses may be particularly vulnerable to.
Backup your stuff
Downtime, outages and data loss does happen and similar to your domain name, your website and digital infrastructure also holds a significant part of your business equity and value.
We strongly recommend you backup all your stuff, not just your website, but all the data held in all the applications and software your business uses.
If you haven’t reviewed your backup strategy in a while it might be time to do that.
When we built our WP Alpha web hosting product, one of the key features we wanted was the ability to backup on hourly intervals and for customers to be able to backup to their own cloud storage. This ensures that data on stored in sites like Woocommerce is secure and that customers at all times hold a copy of their backups.
Expect downtime and plan accordingly
Downtime is going to happen – you need to expect it and have a plan in place for when your stuff goes offline. If downtime of a key service or your website is going to cost your business a substantial amount of money, then it may be time to review your disaster recovery plans and associated budgets.
Websites can be setup in a fault tolerant, resilient fashion but this comes with cost and complexity – it’s better to plan in advance and budget appropriately than be caught off guard when your technology infrastructure runs into a problem.
One very simple (partial) solution for small businesses is using Cloudflare’s Always Online feature – this offers basic protection against downtime and in most cases will at least display the homepage of your site if there is an issue. You can learn more about it here https://www.cloudflare.com/always-online/
Give some consideration to data encryption
Several weeks back we sent an email titled “data in motion vs data at rest” – it was about understand how or if your company data is encrypted while in transit and when stored. By default, WordPress doesn’t encrypt customer data and stores it in plain text, as do many other services.
Depending on what industry you’re in, you may actually be legally required to encrypt customer data so it’s worth paying some consideration here. You can see that email here: https://app.bentonow.com/share/LvMOzbO9ZGY4e7