Issue #490
Web Hosts To Avoid
Hello my friends. Looking like a fun start to the week, with a tropical storm just buzzing by my house and the markets being pretty choppy out there.
Lots of noise out there.
Lots of potential distractions. Frankly, that’s the nature of the times we’re in right now.
But…
Focus is how you win. Focus on your games, your business and your goals. Focus on what you control. While others are distracted by things they don’t control, others are winning because they weren’t paying a lot of attention to all the noise. They buckled down. They were productive. They win.
Just thought that might be a relevant reminder as we start off the new week. š
OK, let’s roll…
In This Issue…
Featured This Week
Why I Stopped Using Google Analytics (And What I Use Instead)
After removing the stranglehold of ābig tech on my business and life, Google Analytics was one leftover I hadnāt yet replaced. But, now I have. Google Analytics is annoyingly complicated, and it isnāt the only game in town.
Beware Of Cheap Web Hosts
So, I’m well aware that that headline might come off as self-serving. As if I’m about to tell you to stick with the higher priced hosts. The ones I have affiliate relationships with, no doubt. š
But, no. I don’t care who you use for hosting. But I will say…. you get what you pay for. And some are indeed worse than others.
This last week, I brought on a new Concierge client who had his site sitting on Hostgator. And I had to RESCUE that site from the bowels of that host. š¤
See, his site was hacked. And in their effort to “fix” the site (and clearly they were chasing things that weren’t even relevant because their support people don’ t know what they’re doing)…. they disabled all plugins and basically left the site limping and broken.
When I got into the site, I saw almost 7,000 spammy gambling blog posts had been inserted. I saw 4 extra Administrator profiles that didn’t belong. It was a mess. Also, once I had the site on Rocket, we ran a malware scan and found over 30 suspicious things throughout the file system.
Now, this isn’t the first time I’ve seen this on Hostgator. Seen it on Bluehost several times, too. Both of these commodity hosts are owned by the same people: Newfold Digital.
Now, these kinds of hosts have certain common attributes:
- They offer really cheap hosting
- They often offer very large affiliate commissions. Which leads bloggers to recommend these options despite the fact that they suck.
- They offer a lot of upsells. (more on that in a minute)
- They offer to do it all. Domain registration, email, web hosting, etc. Because they don’t really specialize in anything.
Now, these two specific companies I’ve seen be problems so many times I’ve lost count.
When a site gets hacked on these hosts, the support people will almost always blame the customer. And the attempt to fix it can often be just as bad as the hack was.
They’ll want to charge you money to fix it.
They’re not even motivated to have secure web hosting environment because upgraded security is one of their upsells. They want to sell you SiteLock as an extra upcharge. The entire thing feels like a scam to me, frankly. Their hosting has the native security of swiss cheese because they want to upcharge you for malware scanning. So, they leave your site out to dry until the need arises.
Honestly, any web host that offers an upsell for extra security… run away. That includes a lot of them, including Hostgator, Bluehost, Godaddy, Namecheap, etc. They’re not incentivized to give you secure hosting if they can upcharge you for it. It’s as simple as that.
So, I rescued my new client’s site from Hostgator. It is now safely on Rocket. Rocket costs more, but it is solid hosting. Security is baked in. It stomps on Hostgator in every possible way.
And I fixed his site. We’re about to re-build it to get all of his membership mechanics modern and ready to rock. But, in the meantime, I had to fix the mess that happened to it while it was on Hostgator.
BTW, his site performance was apparently so poor on Hostgator that he was convinced he needed to offload the images. So, he paid some guy on Fiverr to offload a bunch of his images to Amazon S3. And hence, the moment Hostgator turned off all of his plugins, it literally broke every image on the site. It was bad advice he was given. Beware using Fiverr guys, too. Can’t say I recommend that. š
So, just be aware of the games with web hosting. And you usually get what you pay for.
Most of us have had that experience when we take our car into the mechanic for some small thing…. only to have them try to scare the crap out of you with all the things going wrong with your car and they try to upsell you to hundreds (even thousands) of dollars of extra mechanical work. And most of it unnecessary.
You see this more often than not with the big chain mechanics. Tire Kingdom tried to do it to me many years ago and I’ve never been back since.
Well, these cheap web hosts are similar.
Their ideal customer is the one that doesn’t understand any of the tech. And they hook you in with cheap hosting. Then you’ll get a bunch of upsells offers to you. SiteLock, etc.
This kind of game is as old as time, really. Sadly.
This Week In Concierge
Last week, we brought several new clients and new sites into Concierge. We’re being brought in to do some clean-up operations on some sites and do a re-build. And, of course, always feels good to rescue a site out of Hostgator or Bluehost. š
Sometimes, working on a site reminds me of working with old houses. Like, “fixer-uppers”. And it is fun as hell, in a nerdy kind of way. š¤Ŗ I do enjoy taking sites that are older and running older software… and just cleaning them up and making them shine. Doing a “spring cleaning”, as it were.
So, this next week, I’ve got some new sites to migrate in, some re-builds in progress, and some membership sites to begin modernizing.
Let the fun begin.These videos are on the new Client Information section of the account dashboard.
WordPress Quick Bits
BeeHiiv Does Audio Newsletters Now. BeeHiiv continues their fast pace of development… now introducing audio newsletters. Now, this isn’t a podcast, really. It is more than it uses AI to automatically take your written newsletter and allow your subscribers to LISTEN to it. Interesting. Read more about it here.
ThriveCart Falling Apart. Thrive had more issues last week. And overall, they’ve had a much higher frequency of technical issues over the last several months. And if you go into the group and talk about it, they’ll disable the conversation. Adam Presier (of Surecart fame) has noticed and was feeling out the desire for a replacement. But, it is true. Thrivecart has, sadly, turned into a platform I’d be looking to exit if I were still there. The fact that they’re still offering lifetime memberships after all this time is a huge red flag. It is hurting them.
Fluent Roadmap. If you’re using Fluent Boards, they’ve just released a new add-on for it called Fluent Roadmap. This will enable you to show a public roadmap for things, such as development schedules. Not needed for everybody, of course, but a nice addition for the right kinds of businesses. It is also a FREE addon if you’re already using Fluent Boards Pro. Learn more here.
PerfMatters 2.3.2 Released. My favorite WordPress performance plugin, PerfMatters, has been updated with a new CSS parsing library to fix some issues with removing unused CSS. Read the full changelog here.
AffiliateWP Introduces Forced Matrix Compensation. AffiliateWP now supports a forced matrix compensation plan using the Multi-Tier commissions add-on. In plain-talk, this basically allows more control over the specs of what is essentially an MLM referral setup, where affiliates can sign up other affiliates and build a referral network of their own. You can read more about it here. AffiliateWP remains pretty much the tog dog when it comes to affiliate programs for WordPress. Just unfortunate that Awesome Motive owns it. š
Fixing the performance of your website is often confusing. Lots of jargon. Lots of adviceā¦ most of it confusing. And truth is, it is a pretty holistic thing to tackle. You need to have a “big picture” understanding of what’s going on. You can’t just install a plugin and be done with it.
When you book WP Speed Fix, we’ll fix up your site’s performance scores. And we’ll do it together. I have the experience and all of the tools. And we’ll get it done.
Avoiding The Crowdstrike Moment With WordPress
It was the day before my family was scheduled to fly to Salt Lake City that the big Crowdstrike outage hit the world. It hit the airlines bigtime. And Delta Airlines worse of all. Which just so happened to be the airline we were supposed to fly on the next day.
Good news is that we made it. I think we were a little lucky. We arrived almost 2 hours late, but we made it. Flights everywhere were being cancelled, but somehow we slipped though.
But, that entire fiasco was due to a software update.
One little software update from Crowdstrike (they called it the Falcon update) somehow passed whatever quality controls they had and was automatically pushed out to 8.5 million Windows computers. The rest is history.
But, here’s the thing…
Many of us are doing the exact same thing with our WordPress sites.
We have auto-updates turned on. So, new core updates, new theme updates and new plugin updates are often automatically pushed out to our sites.
And what happens if they “crowdstrike” our sites?
Frankly, the situation is even more complex with WordPress because of the nature of the ecosystem. There are so many developer hands in the mix, what with all of the various plugins people are using. And you could have weird plugin interactions. I see it all the time, honestly.
Just a week or so ago, in fact, WordPress 6.6 was pushed out. A lot of sites automatically updated. That update contained some changes to the Gutenberg block editor that some plugins weren’t set up to handle yet. I noticed issues with FluentCRM’s email editor and Presto Player. Now, all that did was cause some issues with the editor. It didn’t take down the entire site. But still. š§
So, here’s how we try to avoid this. And it is what we do as best as we can with all of our Concierge clients.
- We don’t use auto-updates from inside WordPress. In some cases, clients have it enabled, but generally speaking we’d prefer to do it ourselves.
- We update plugins weekly… and we do it ourselves. We use a central management tool (called WP Remote) to manage all client sites and we do updates every Monday.
- The software we use has a system by which it detects issues caused by plugin updates. They call it visual regression testing and a scoring system called “UpdateLens”.
- I also monitor the space and reports. With the number of sites we help manage now and the people and groups I’m connected to, I will often know if there’s a problem beforehand. There have been times where I will avoid updating a plugin I know some of my clients use until an issue has been resolved.
- We obviously back up every day, so if something gets past us, we’re able to restore pretty quickly.
It isn’t perfect. Issues can happen, still. But, the last thing we want is one of our client sites getting “crowdstriked”.
You can learn more about what we can do for your site as part of Concierge. But, even if you’re not part of Concierge, I’d recommend at minimum that you back up every day and consider turning off auto-updates and doing it manually. This way you can at least control the timing. Just be sure to do it every couple of weeks or so.