Displaying items by tag: Joomla Web Designers Spain and UK
Are you absolutely sure that you're fully complying with GDPR regulations and directives? You need to be certain of this, because if you don't comply there could be some serious pitfalls ahead. We all have responsibilities, so it's essential that we know exactly what is required of us.
In my position, I have a duty of care to advise you on best practices, and to ensure that your websites continue functioning 24/7/365 without grief! I can only do that with your cooperation in the event that your applications are approaching end of life. And since the implementation of GDPR in May 2018 the stakes have got a lot higher. Now it's not just me telling you, the European Union are saying it as well - and they're enforcing it to the letter.
Outdated software is always going to mean a jackpot for hackers, but there are some website owners who are seemingly willing to roll that dice! Unfortunately there's now another implication, and this one can do you more damage than any hacker is capable of doing. And that is failing to conform to GDPR compliance!
GDPR is about risk assessment and mitigation. If businesses use software that is EOL (End of Life) they are knowingly, or unknowingly, increasing their levels of risk and in breach of GDPR. If you fall into this category then you are likely to face the heaviest penalties if personal data is compromised.
That applies to everybody, irrespective of whether you're in the EU or not. For example, if you're in the US, the HIPAA Security Rules state that entities must “implement security measures sufficient to reduce risks and vulnerabilities". And if you're using unsupported or EOL software then you are in breach of this regulation.
So how does all this affect you and us?
In your case if you use outdated software and there is a data breach you face huge fines. In the first 9 months, 206,326 cases were reported!
The biggest so far is Google who had a €50 million fine levied in France, then the levels vary according to the severity of the breach. A Healthcare organisation in Germany had an €80K fine for exposing sensitive personal data, and even a small social site there got hit for €20K for storing user passwords in plain text.
In our case, we cannot provide you with EOL and outdated software. If we do, then we are in breach of GDPR regulations for using insecure applications to handle clients' data.
My ignorance or your ignorance doesn't cut it! We are all accountable, so we need to be aware of the possible ramifications of breaching GDPR regulations. Let me be absolutely clear here......the financial penalties in the event of a data breach are potentially crippling as you can see HERE!
I also suggest you review a summary of the regulations HERE......in particular the directive "Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing".
What's caused this scenario?
It's down to the accumulation of data breaches over the last 25 years due to the casual attitudes of website owners, which also includes Government departments and large enterprises, who never took security seriously. Then throw in the massive corporations who've deliberately misappropriated users' personal data for both financial and political reasons.
This has now led to a situation where we're being monitored, and held to account, as if we're living in a world borrowed from the dystopian fiction novels of George Orwell!
To summarise.....I've always kept clients aware of the dangers of end of life software. However, I'll openly admit that in the past I have allowed a little bit of leeway for them to get their sites updated. Or if they choose to do so, move their accounts elsewhere and continue to take the risk. But I cannot do that any more......otherwise we'll all be breaching GDPR regulations. So if a client is approaching the point of EOL software on thir account, the situation needs to be addressed prior to expiry........not at some point after that date.
There may well be providers who will take this risk because they don't want to jeopardise their income stream. We won't do that.........the penalties for data breaches are too severe to leave anything to chance.
So we're all in the same boat here inasmuch as we have to ensure that we are in full compliance with GDPR regulations. Be aware that there's no "Get out of Jail" card on this one!
What we provide with our Managed Services Plans:
Site security updates applied on day of release.
Site errors rectified subject to site software being current.
Enterprise strength site security firewall.
Malware removal on sites using Cloud based Auto Clean for infected files.
Uptime monitor checking connectivity to your site every 5 minutes 24/7/365.
Proactive monitoring of site and server security notifications related to your account.
E-Mail delivery monitoring.
Ongoing DNSBL IP Reputation Checks.
Ongoing Domain Reputation checks powered by Google Safebrowsing.
Daily account backups to a remote server on the network using R1 Soft technology.
Twice a day database backups.
PHP version upgrades subject to site software being current.
Immediate site and mailbox restoration.
GDPR compliancy implementation.
SSL / Dedicated IP address implementation.
Cloud Linux optimised servers.
Server and site protection by CPGuard commercial security system.
Sites protected within CageFS individual containers.
KernelCare seamless operating system security updates with no server reboot required.
cPHulk Brute Force Detection.
Shell Fork Bomb Protection.
Optimised ModSecurity rules.
High CPU, RAM, and disk inode allocations to each site.
SSD Hard Disks.
Rapid response to clients with personal support 365 days a year.
Please do not confuse our services as listed above with basic web hosting accounts that are sold by web hosting providers.
We do not sell basic web hosting services, we deliver Fully Managed Service Plans for our web design clients. No web host will manage, update, and rectify faults on your website, all they support is the server and the network.
What we don't provide with our Managed Services Plans:
Web Design services using any application other than the Joomla content management system.
Web Design services on any third party server.
Website or Hosting Support of any site that is located on a third party server.
Website or Hosting Support to anybody who is not a current client of WebSpain.
Website or Hosting Support for websites using end of line software and/or running on withdrawn PHP versions.
Website or Hosting Support for a client's additional services that have been contracted tthrough a third party provider.
Bulk E-Mail sending facilities.
Promotional and Marketing Services.
E-Mail Marketing Campaigns.
Bulk data input services.
Social Media Promotions.
PPC (Pay per Click).
Bespoke Programming and Coding.
As an example, the managed package detailed above for a client using 20GB diskspace in a UK datacenter would be approximately €395 a year. But of course there are alternatives to our services! Who knows......the grass may be greener elsewhere? So I've listed a few options, all of whom deliver professional services that I anticipate would be on a par with ours.
Web Hosting €280 a year (Clook) plus a Site Firewall €175 (Sucuri). Total €455.....but this does not contain site management, only hosting and security facilities.
Site Management €850 a year (Joomlashack). This contains site management, but no hosting facilities. So add the two options together to match the full WebSpain package and it would cost you €1305 a year.
Site Management and Hosting combined from €1050 up to €3200 a year (JoomDev). This is the closest match to what we provide, but there is no indication on their site of diskspace allocation or the number of sites covered. And there are limitations in the number of support tickets that you can submit per month.
So if you're comparing like for like that's how the figures stack up. Of course, if you don't want support or security of any kind for your site, and your only requirement is cheap hosting......then you're spoilt for choice. There's virtually no end to the numbers of "providers" who can supply you with diskspace on oversold servers and you can just wing it from thereon. It's what I call the "Occupational Suicide" option.
It's not a course of action that I would recommend if you have a viable business. But if your website isn't important to you, or you don't care about running obsolete software and having dubious neighbours with adult sites etc in close proximity to you.....then it's certainly worth considering. You may well be able to find somebody for less than €50 a year......but the amount you pay will have a direct bearing on the level of service you receive. Because at those unsustainable levels of pricing there is no margin for the provision of professional support personnel. Just bear in mind in that scenario you're on your own as regards your site, and depending where you go, you may well be on your own in the matter of having a reliable hosting service and e-mail facility as well.
One point I do want to emphasise is that if you do not have a current WebSpain account, you are not a WebSpain client. Therefore we will be unable to assist you with any problems that you may encounter. Our service is only for current WebSpain clients, as they are our sole focus of attention.
If you want to maintain similar levels of service then you're looking at over €1000 a year minimum......compared to our example price point of €395. Of course you can get cheaper if you're willing to lower your expectations. But when you go to the very bottom of the barrel then it's not how much money you can save, it's how much grief you can withstand!
We've always tried to stay ahead of the game on all the potential changes and advancements within the web industry. Our goal is to inform our clients of anything that they need to know, in order to ensure that they are secure, and in a better position than their competitors. The protection of clients' interests is always at the core of what we do.
But that can only happen if these news articles are actually read, and appropriate action is taken. They are of benefit to everybody.....and after all, do you really want competing businesses leaving you behind?
Are they worth reading? Well let's look at a few things that actually came to pass!
Mobile Compatible Websites: If you go back to 2012 we were the first Brit web designers in Spain to have a mobile compatible site, and the first to provide mobile compatible sites to our clients as standard at no extra charge. Now everybody does.
We said at that time that mobile compatibility would eventually be Google's priority! And sure enough in April 2015 Mobilegeddon occurred.....where any non-mobile sites were dropped in the listings. We then speculated that Google were likely to adopt a policy of Mobile First where they would be looking for a mobile site first and foremost. And sure enough, that happened in January 2017.
HTTPS/SSL Websites: In August 2014 we published the article SSL for SEO where we discussed Google's new emphasis on HTTPS/SSL encryption on all sites to protect visitors from identity theft and phishing attacks! And that Google were likely to prioritise these sites in listings due to them providing a safe and secure environment for users.
At that time around 15% of sites in the top ten had this in place. By this time last year the figure had risen to 30%. Currently, latest studies from MOZ show that this has now passed 50%. Projections are that this is going to continue to rise to around 65% by the end of this year. Does your site have the green padlock in the address bar to reassure users and Google that you are actually a professional?
Security: Over the years we've continually emphasised that security is the most important aspect of what we do. We will not run obsolete software on the servers, and we will not permit outdated website applications, or sites from other designers, to be put on our servers. We've strongly recommended that every client's site is always up to date and that they put a commercial security firewall in place....because I can guarantee that every day somebody is trying to break into it.
And now Google has come out and said exactly the same thing: "It’s best to take a preventative approach and secure your site rather than dealing with the aftermath". Do you have a security firewall on your site?
SEO: Look back on here over many years and you'll find numerous articles telling people the REAL truth! We've always built websites properly following all Google recommendations and guidelines......and emphasised to clients that they must generate quality content to get good results.
Unfortunately, others just spewed out a torrent of disinformation to assist their "hard sell" business plans......and many people got their sites blacklisted by Google as a result of these "initiatives". Not to mention how much they paid for these services in the first place.
I'm sure people actually thought I knew nothing about the subject (despite the fact that this site has dominated Google for 10 years).......but then Google came to my rescue! Because they finally published their Search Quality Guidelines which validated EVERYTHING that I'd been saying for years. So when somebody tries to sell you an SEO Magic Bullet.......just refer to that article. Because it blows that myth out of the water.
So that makes FOUR major web developments affecting you and your business within the last five years where we were ahead of the game. And we kept you ahead of the game too! Get informed! Don't let your competitors get ahead of you in areas like this.......because if they're better informed than you, then they're more likely to do better business than you. There is no substitute for Knowledge! It's not about Web Design.......it's all about Business!
Google has now started sending out warnings to users that are running outdated and vulnerable software installations. Which is what we have been doing for years in order to ensure our clients are not at risk.
This action from them has probably been initiated due to the continual problems caused by webmasters who just don't take security seriously. There was recently a mass defacement involving hundreds of thousands of websites using the Wordpress content management system (which we don't use) called the REST API Vulnerability. And no doubt this has now driven Google to take this action.
The message users are receiving (depending on what software they're using) is this:
"Google has detected that your site is currently running Joomla 2.5, an older version of Joomla. Outdated or unpatched software can be vulnerable to hacking and malware exploits that harm potential visitors to your site. Therefore, we suggest you update the software on your site as soon as possible".
So let's just recap on the warnings Google are now issuing:
1. Sites should be mobile compatible.
2. Sites should have HTTPS/SSL security.
3. Sites should be running up to date and secure software.
I'd also add that every site should have it's own security firewall installed......which could well be the next step Google will take.
Let me emphasise that Google are not saying that you have to have a site of the technical complexity of Kyero or eBay etc.....they're just making it clear that it should reach a basic level of professionalism and responsibility.
Saying that......I've actually had people who are knowingly in the position above actually ask me how they can improve their Google positioning. Just let that sink in! They fail all of the basic criteria that Google requires, they've received multiple warnings to that effect.....yet they want to be recommended by them.
Bottom line is if you can't demonstrate professionalism in your online presence then Google (and users) will just not take you seriously. Think of it this way: Most of you at one time or another will have experienced the damage caused by viruses, trojans, ransomware etc when your computer gets infected by malware. Where do they come from? From infected websites on the internet!
Google want to get this under control, and they will now penalise sites who refuse to accept their responsibilities regarding security. They're certainly not going to be recommending sites they class as dangerous to their users.
I'd go so far as to say that they will eventually take the view that if you're not part of the solution then you're part of the problem......and you'll end up becoming invisible. Others are following too.....because I've had warnings flash up from Facebook that I may be leaving there to visit a site that is classed as dangerous. So all the big players are getting behind these security initiatives.....it's not something you can ignore.
If you're a client, then we've already notified you of your status in each of the criteria. If you're not a client, then your current web developer should have kept you up to date on all these developments to ensure you were protected. If they haven't, then get in touch and we can run some checks for you.
As we get older, we tend to look back and think that life was better in the past! It was certainly simpler then that's for sure.
But time moves on for all of us and the only option that we have is to go with the flow! There's no pause button to lock our life into one moment in time!
And never is this more true than with technology.....it just keeps advancing. I know that some people tend to resent change in these areas.....but ask yourself, would you like to go back to the pre-mobile era of basic flip-up phones? Ten years ago we could never have dreamed that we'd be walking around with the internet, and in many cases our business, right in the palm of our hands. These sort of advancements require change, as older technologies and applications are gradually replaced by more efficient versions. You're getting the benefits of these developments every day....in everything you do.
The same principle applies to the software applications that power websites and servers. They all get better, quicker, more efficient, and more secure. And I want to touch on just one aspect of that.....PHP. PHP is a widely used scripting language for web applications that powers most of the sites that you visit every day. Including your own!
Those of you on older sites are aware of the upgrade to PHP 5.6 this month which could render some of these obsolete sites as unuseable. We are able to relocate these sites to alternative hosts that are still running older PHP versions, so the sites will still be able to run. But all you're doing is hitting the pause button and trying to lock yourself into a moment in time that's now gone. And it's not just the time that's gone......it's the security and efficiency as well. Security always has to be the predominant factor in the equation.
As we've touched on PHP, let's examine how it's improved over the years by looking at the graph below. This only relates to speed, but you'll get an idea of the groundbreaking improvements that have been made.
We originally started on the PHP 4 series, and then started moving incrementally through the PHP 5 versions.
By 2008 we were on PHP 5.2.....and due to the advancements it made, the time had dropped to 4.2 seconds.
In 2012 we upgraded onto PHP 5.3, and the time went down to 2.9 seconds.
In 2014 we moved to PHP 5.4....which dropped the time down to 2.18 seconds.
Last year it was time for PHP 5.5 which resulted in yet another drop to 2.03 seconds.
June 2016 and it's time for PHP 5.6, as PHP 5.5 is end of line. And we're now below the two second mark at 1.92 seconds.
Compare the times from 2006 (over 12 seconds) to 2016 (under 2 seconds)......that's an incredible difference in speed. And also in efficiency, because it uses less server CPU and memory doing it, while being totally up to date on security.
The next PHP upgrade after this will be PHP 7.......and that will be at the start of 2019. Current tests seem to suggest that it will cut the PHP 5.6 time by 50%, and come in at under a second to run that task. Now that is amazing, and it just shows how far we've come!
So why would anybody want to run on old, outdated, and insecure versions of PHP? Every version of PHP below 5.6 is now a serious security risk, and every website running on obsolete software is also a serious security risk. Put the two together and you've got the perfect storm!
If you have a current and viable business, with your website being an integral part of it.......can you seriously afford to take the risk of Living in The Past?
So who's the Best Web Designer in Spain? If you search on Google they seem to think it's us! But Google are wrong......we're not!
And I'll tell you who else it isn't.....the man in the pub! I'm sure you know the type: Been everywhere, done everything, knows everything, and in a former life was allegedly a mover and a shaker in big business. Use people like this at your own risk......we've seen the aftermath of these trainwrecks and it's not a pretty sight.
The reality is that if you think using professionals is expensive, just wait till you go down the amateur route. I would advise you to do your research carefully, and look for a longterm, proven, and verifiable track record in the industry. And it goes without saying that you need to take up references. These are some of ours: WebSpain Clients......and all the other pros will be able to show you something similar.
So who is the best? First we need to establish how the industry works. Generally the pros will specialise in a particular application or framework. Essentially, we're all doing the same thing but with different systems and on different platforms. We've worked solely with Joomla (and it's predecessor Mambo) since 2001, while others may be working with WordPress or Drupal, or perhaps they do bespoke sites with their own systems. And there are some who only work in specific business areas.....like Real Estate for example.
As you can see, there is a major specialisation and segmentation occurring here, and that makes comparisons very difficult. This specialisation doesn't occur with the man in the pub of course! He'll throw anything together with anything that comes to hand that happens to be free.....and you'll pay for the dubious privilege of being his guinea pig. Your choice!
What about Review Sites? You'll see these all over the internet, particularly for web hosts. These are not real review sites, they're paid ads.....and you can pay for any of the positions. Obviously if you want number one then that's the most expensive option, and the price then drops incrementally for the lower slots. We were approached a couple of years ago for a "Spain Web Designer Review" fiasco. Our position is we've never paid a penny for advertising in 18 years, so we're not going to start now! Particularly in a deceptive way like that.
To anybody who's considering working with a web designer, I'd suggest that you search on Google and speak to a few of them. Get a feel for who they are and how they do things. You need to find one that's a good "fit" for YOU! Remember that it's not about them.....it's about YOU.
So who is the best web designer in Spain?
We may be the best web designer for some people, but given the specialisation and fragmentation I listed above, it's not possible to be all things to all men! Unless you're the man in the pub of course! That guy is multi talentless on all levels.
The simple answer to this question is there isn't one! There's only the web designer that's best for YOU! It may be us.....or it may be somebody else. But one thing I can guarantee is that the "somebody else" is never going to be the man in the pub!
It's a fact of life that whether we like it or not, time moves on for all of us! Particularly within the IT industry, with so many new innovations occurring on a regular basis!
As a consequence of this ever changing environment, a question that I sometimes get asked is "How long should a website last?"
Unfortunately there's no simple answer to this one, because there are many contributing factors that can influence longevity.....most of which are beyond our control. I'm referring to factors such as discontinued software applications for sites, and vulnerable server software being withdrawn. Then there's new technologies that emerge......a typical example of that being mobile responsive websites.
However, I'm going to give you the main reasons for upgrading your website software, and hopefully give you an approximate timescale for when I'd consider it necessary.
The main reason for upgrading, and by a very wide margin, is security!
Cyber crime is rampant! But it's not just cyber criminals that an online business needs to worry about.....it's vandals! In fact, these are your biggest threat. Just the same as if they broke your shop window or daubed graffiti on your walls, they'd love nothing better than to trash your website. It's a game to them!
Did you know that there are sites out there that actually organise competitions for members whereby they score points by defacing sites? And they always leave a calling card on your site (sometimes not very pleasant) in order to identify themselves so they can rack up points in the game.
Eventually, vulnerabilities that initially could only be accessed by the elite few will be accessible to even the novices. Very often via user-friendly interfaces, and even guided by online tutorials! It's one of the reasons why software keeps moving on in terms of older, vulnerable applications being withdrawn and newer versions being introduced to replace them. While no application can be guaranteed free of security flaws forever, newer systems are all coded with the knowledge of past vulnerabilities in mind, and patched accordingly.
We've always taken security on the servers very seriously, and the trigger for it to activate is very slight. But if a vulnerability exists in an application that allows a third party to infiltrate your site by simply walking in without raising the alarm, then none of these measures are going to take effect. Given a long enough timeframe, intrusion is guaranteed. So security must always be paramount in your planning.
Of course there are other reasons for upgrading your website. These would include embracing new technology. A typical example would be mobile responsive websites, which has been the most significant technical advancement in the past 10 years. This is the one that's changed the game totally.
Or maybe your competitors have recently taken a major initiative in revamping their web presence, and you're now looking like the poor relation? If that's the case, then it could be the time to consider upgrading.
Has your business switched direction? Or have you changed your marketing strategy? If so, then it may be time to change your website to match the new focus!
Perception! As the years pass, your site will look more and more outdated. And so will potential clients' perception of you. Essentially, you will not be giving them the confidence to use your services.
All of these are valid reasons to consider upgrading......but the security aspect is by far the most important!
As for the life of a site.....in principle it could run forever if you can find a webhost that will run obsolete server software indefinitely! Plus you'd need to be totally invisible to potential hackers of course.
In reality, neither of those scenarios are going to be very likely, so I'd say around 3 to 4 years before you'd need to think about replacing your existing site. If not for functionality and appearance, then most definitely for security reasons because you may well be vulnerable by that time.
But whatever your reason for considering an upgrade, you'll still get the benefits of all of the aspects! Plus you'll have the peace of mind of knowing that your site is looking modern and attractive to potential clients, while being as safe and secure as possible.
Starting a new business? Is your current website outdated? Are you losing business because competitors' sites are more professional? Do you need secure and reliable web hosting?
These scenarios are not unique....virtually all our clients come to WebSpain for the same reasons, and usually via personal recommendation from existing clients.
The first step is to contact us at
We'll reply very quickly, immediately identify your requirements and all the possible options available to you.
We can then design a demonstration site based on your preferences, with no deposit needed, and no obligation to proceed whatsoever. So you have nothing to lose, and a lot to gain! And if you like what you see, we can then complete your new website within 7 to 10 days!