Website Requirements for Designers/Developers

OUR APPROACH TO WEBSITE HOSTING
Out of Nowhere provides high-touch hosting services. Our clients don’t submit support tickets or wait on hold for help when they have questions or concerns. They have direct contact with the owner through her email or personal cell phone. We go further than that. We base our hosting on what we call “The Good Neighbor Policy.” Multiple sites are hosted each of our servers, so every site has a responsibility to share resources equitably and to maintain their site’s software. This ensures all sites on a given server are not affected by any single site that creates security issues or abuses server resources. Our premier hosting service includes all the work required for each site to be a good neighbor to others on the same server.

WHAT WE DO FOR THE NEIGHBORHOOD
For all the sites we host, we constantly monitor the software (WordPress Core, Themes, and Plugins). If any of that software releases an update, we take care of it immediately. Additionally, we create incremental, daily, weekly, and monthly backups to off-site locations. We scan sites daily for vulnerabilities and we monitor uptime and respond immediately if there is a problem. We monitor server resource usage and if there is a concern, we identify the source and correct it. Lastly, we send our clients monthly reports of all the work we have done during the previous month to keep their site functional, safe, and secure.

HOW TO BE A GOOD NEIGHBOR
Obviously, we work very hard to ensure the safety and security of all sites hosted on our servers. That’s why it is very important that anyone who works on any of the sites we host follows the guidelines outlined below. If you are a designer/developer for a site we host and you have questions about these guidelines, plugins, settings, or other site-related issues, please contact Mary Beth at info@outofnowhere.net.

ADD ONLY PLUGINS THAT MEET SPECIFIC GUIDELINES TO ENSURE SITE SAFETY AND LONGEVITY - Click to review the guidelines - REQUIRED.

When adding a new plugin, please follow these guidelines. If you don’t, you may unknowingly install a plugin that has vulnerabilities or the plugin may quickly become obsolete. We regularly review site plugins and if any pose a risk to the site or the server, we will ask you to either remove it or replace it.

Free Plugins
You can search for free plugins at wordpress.org. When selecting a plugin, you must ensure the following actions have been completed:

  • The plugin must have been tested with the “Latest Release” of WordPress. When reviewing plugins on wordpress.org, you will see a notation listed with the plugin that says, “Tested with [version number].”
    Check here for the Lastest Release version: https://wordpress.org/download/releases/ and make sure the plugin version and the Latest Release version are the same.
  • Avoid plugins with low version numbers, for example “0.8”. This indicates the plugin is very new and it likely hasn’t been fully developed, may have vulnerabilities, and has a high likelihood the developer will abandon the plugin and you will be asked by OON to find a replacement plugin.
  • Choose plugins with high star-ratings and a large number of reviewers.
  • Choose plugins with a high number of installations. The higher the number, the more likely the plugin is a good choice. You can find this information on the plugin’s page at wordpress.org.
  • Review the plugin’s support history. On the plugin’s page on wordpress.org, click the tab that says, “Support.” If posts requesting support have no replies, you can expect the developer to not be available to help if you run into any issues or have questions about the plugin.
  • Choose a plugin that was has recently been updated, at least in the last year. If it has been over a year, may have been abandoned and have vulnerabilities. You can find this information on the plugin’s page at wordpress.org. Note: If it has been over a year since the plugin has been updated but it shows it has been tested with the Latest Release of WordPress, if the next step shows the plugin has no current vulnerabilities, it is probably safe to use.

Search for the plugin at https://wpscan.com/. to see if the plugin and version you want to load is listed. If so, click the link to see if the vulnerability has been fixed. (This is usually listed in green.), If it shows the plugin and version you want to use has a vulnerability that has not been fixed, you may not load it on the site.

Premium Plugins
Many of the free plugins listed above have a premium paid version with more functionality There are plugins are not listed on WordPress.org. For these plugin, go to the site where you purchase the premium version and look for the “changelog.” Make sure the plugin is releasing regular updates. If is not, do not purchase and use the plugin. If you can’t find the changelog or don’t know how to do this step, please contact OON at info@outofnowhere.net and we will happily look for it for you. Do not load any plugins you find only on GitHub. They are likely not fully developed or supported.

DO NOT MANUALLY UPDATE ANY THEMES OR PLUGINS - Click for important details.

Out of Nowhere uses special software to both monitor and update software (WordPress Core, themes, and plugins) on each site we host. Sometimes, like on a weekend, the software may go a couple of days without us applying an update. If you happen to notice that a plugin needs an update, DO NOT manually updated it.

The reason for this is simple. The program we use to update site software creates a history of all actions it performs on a site. If a site breaks because of an update we perform, we can easily examine the site’s history and quickly identify which plugin may have caused the problem. This allows us to efficiently diagnose and address the issue. Manual updates of site software are not logged in our program’s site history, and if a manual update creates a problem on the site, it can be very time consuming and difficult to fix, potentially resulting in unnecessary charges to your client.

If you notice a plugin that continues to show it needs an update for an extended period of time, please notify us at info@outofnowhere.net so we can determine and correct the reason for the delayed update.

DO NOT ENABLE AUTOMATIC UPDATES - Click for important details.

This guideline is very similar to the one regarding manually updating software in the WordPress Admin. Out of Nowhere uses a special program to both monitor and update software (WordPress Core, themes, and plugins) on each site we host.

The program we use to update site software creates a history of all actions it performs on a site. If a site breaks because of an update we perform, we can easily examine the site’s history and quickly identify which plugin may have caused the problem. This allows us to efficiently diagnose and address the issue. WordPress automatic updates are not logged in our program’s site history, and if an automatic update creates a problem on the site, it can be very time consuming and difficult to fix, potentially resulting in unnecessary charges to your client.

DO NOT REMOVE PLUGINS ADDED BY THE SITE HOST - Click for important details.

Out of Nowhere Hosting may install plugins that provide site:

  • Backups
  • Security functions (like firewall, traffic monitoring, and prevention of malicious activity.)
  • Plugin & Theme maintenance
  • SSL functions
  • Cron job scheduling
  • SPAM prevention for contact and comment forms

Do not uninstall these plugins as they are vital to the security and functionality of the site. If you are unsure about a plugin, please contact Mary Beth at info@outofnowhere.net.

ONLY USE THE THEME'S BUILT-IN PAGE BUILDER, NOT GUTENBERG OR CLASSIC EDITOR - Click for important details.

Get to know the theme installed on the website and all the functionality it includes. This is very important. Look up the theme documentation online for instructions on how to use it’s builder. If you need help finding it, please contact Mary Beth at info@outofnowhere.net.

If you don’t take the time to learn the builder included with the theme, making edits to pages will be very difficult. If you build a new page and you use Gutenberg or Classic editor, you will create a confusing design/development environment for yourself and any future designer/developer.

DO NOT DELETE OUR ADMIN USER ACCOUNT - Click for important details.

Our Admin User account is used for monitoring and updating WordPress core, themes, and plugins; accessing the site to fix any plugin of other software conflicts; and performing periodic site audits to take care of anything our site monitoring program doesn’t cover.