The Christmas season is upon us and with it comes the slightly nervy realisation that should anything unexpected happen to your website, your revenue could be seriously affected. At this critical point in the calendar your website is much more sensitive to outages, so it pays to be prepared. The below are ten key points to help you avoid costly website downtime this Christmas. Think of them as a Christmas (to-do) list.

  1. Keep your hosting payments up-to-date. Yes, it may sound obvious, but I’ve seen plenty of sites go offline because the client forgot to pay their hosting bill.
  2. Watch out for domain-expiry. Another rookie error! But, again, I’ve seen sites go down at really critical points due to the expiry of a domain. Remember to check all the domains your site relies on; and remember the administration area may be under a separate domain.
  3. …and SSL cert–expiry. Don’t just check your domain names’ expiry dates; check your SSL certs too.
  4. Check your available disk space. There’s nothing like a lack of disk space to swiftly take out a site without warning. Hopefully your managed hosting provider will be checking this; but don’t leave it to chance – get New Relic installed, it’s free for server monitoring and can generate alerts.
  5. Have a DR Plan in place. Of course, should anything go wrong you need a well-thought-out DR plan so you can quickly respond to the situation if it rears its ugly head. You should identify who would deal with the issue – based on when it occurs and what type of incident it is.
  6. Get an external monitoring service. This is absolutely essential. An externally monitoring service can quickly raise an alert if your site isn’t behaving as expected. The quicker you can get the site back into normal operation the more money you will save, and the less disgruntled your customers will become.
  7. Get a health-check page. This is something we recommend to all Cohaesus clients now, and we always factor them into our builds. A well written health-check page can quickly identify where the problem is; it can check connections to the data stores, and the site’s ability to connect to third-party APIs. It obviously needs to be secure and not publicly accessible.
  8. Conduct external security checks. While you’re probably doing this via ASV or have had a pen test, there are some great new services such as ArmorHub which can scan the site at a much higher frequency – and at a far lower cost. A site-defacement will take the site offline for an extended period, so you need to limit the chances of that happening.
  9. Do some load testing. If you don’t have any idea of how much load your site can take, you are about to enter the busiest season of the year wearing a blindfold. Load testing can be performed out of hours and will help you plan now for anything which could improve your site’s performance. Remember, a faster site makes for a smoother user experience – and increased conversion.
  10. Make sure your backups work. Sure, your hosting provider is taking regular backups (securely stored of course), but do they work if they are needed? Ask them to test the backups and guarantee that the site can be fully restored from their backups. It is a great idea to actually run a test to see if you can restore the site from a backup. Also, check and confirm how long it will take to bring the site back from a backup if all the servers were lost, and add that into your DR plan (see point # 5).

That’s it. Hopefully most of the above is already in place. If not, you’d best get moving; Father Christmas won’t deliver this lot for you.

Author: Richard Bundock

Image: jollyuk