Are you thinking of building a website yourself, because you want to reduce your costs? Whether it is a free website or a cheap one that claims to offer services hosting a site and Domain Name for £1 per week, here is a checklist of what you need to consider that JPN IT Solutions Ltd manage when a site is built, hosted and support. Consider using it yourself to aid in your build or project. Along with this list, you may want to look at some of the other FAQ’s to assist you with your build or project, consider reviewing some other areas of the FAQ
What code and platform will be used?
- HTML is pure code and not normally built by a typical person. It is not ideal for daily updates as much work is required to manage the site and development coding skills is required.
- WordPress is becoming a popular choice for most people to use. However, it still needs management in areas such as file storage locations, database and plugin updates and reviewing areas such as site responsive and fluid layout to ensure it reduces effectively for mobile technologies.
- Opencart is frequently used and an Open Source solution for shops
Hacking and Malicious Code Prevention
Hacking and malicious code injection onto your website is increasing as time goes on and with technology being taught so much more at schools and colleagues, there has and will be an increase in more hacking attempts from types of places.
To aid in this area, you should consider having two levels of hacking software installed. One should monitor your site externally and one should monitor your site on the web server scanning files continuously.
You should review the reports and take action on them when you receive an email.
Hack scenario: An example of a scenario of a site being hacked and possibility of what can happen:
- You receive an email from what you believe to be an organisation you have an account with (typical ones include apple, ebay / paypal)
- You click on the link in the email and it directs you to a valid company or organisations website that has been hacked.
- The email link opens the file on the hacked website and the page displays a replication of an apple / ebay / paypal website and requests you enter your security details in, which in turn sends the information to the hacker.
- From the organisations point of view, they have no knowledge of this occurring as their site appears fine and no content is touched. However, located inside their website are scripts or injection code replicating an apple/ ebay / paypal login screen.
- Problems then arise with the organisation having this code sitting on their website and action may be taken against the company for displaying this malicious code and not taking steps to ensure it did not happen in the first place. Not installing hacking software and scanning your site could mean you have malicious code sitting on your site for several months before it is found.
- If malicious code is found immediately, you can restore to a recent backup. If you do not know when the malicious code was installed, you may need to rebuild your website.
Remember to back your site up when updates have been carried out. This will aid if you site is compromised and you need to restore the site back to a previous state.
Thinking of taking payments on your website?
If you are registering to take payments from people on your website, you should consider adding a certificate to your site to make it secure. Your site pages will be shown as HTTPS, which uses port 443 and this adds encryption to people viewing your site for security reasons. Without it, you are putting your clients at risk of them having their information and credit card details intercepted and copied when they enter any information into your site.
Many potential customers won’t enter their credit card number, for lack of the reassuring padlock picture; they will instead shop at a competitor’s Web site
Resource for further information: https://en.wikipedia.org/wiki/HTTPS
If you prefer not to install a certificate, a possible option to aid in this area would be to ask the client to pay via PayPal ansd to an email address. Example scenario:
IMPORTANT: PAYING VIA PAYPAL – If you are paying by Paypal please email ??? after payment or send a message via ‘note to seller’, with your name. The only details received are on the Paypal Notification, so please also check your own name and address is correct before sending the payment via Paypal. Will you send a confirmation email of the order, or will they only receive a notification from PayPal?
Thinking Of Taking People’s Personal Information (Name, Home Address, Contact Numbers)
The Data Protection Act 1998 requires every data controller (eg organisation, sole trader) who is processing personal information to register with the ICO, unless they are exempt. Please read here for further information on the instruction you are obliged to take. –
Resource for further information: https://ico.org.uk/for-organisations/register/
Thinking Of Seeing Who Is Visiting Your Site Using Stats Software Or Google Analytics:
Cookie Law – On 26th May 2011, new laws came into force in the UK that affect most web sites. If cookies are used in a site, the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 (UK Regulations) provide that certain information must be given to that site’s visitors and the user must give his or her consent to the placing of the cookies.
Google Amedments from 25 May 2018 – Version 1.6 of the Data Processing Amendment will apply (in relation to G Suite Agreements) until 24 May 2018 inclusive and, as from 25 May 2018 (when the EU’s General Data Protection Regulation comes into force), will be replaced by Version 2.0 of the Data Processing Amendment.
Summary: You will need to read and understand version 2.0 of Google Data Processing Amendment (DPA), which has been specifically updated to reflect the GDPR being introduced by the EU in May 2018.
Files and Image Sizes
If using a WordPress solution, consider adding the file or image to a separate folder structure outside your WordPress installation, uploading it via an FTP solution. Failure to do so will mean that all your files will sit in one Upload director which can become difficult to manage as your site grows.
When you add an image to your website, you should review the size that you are uploading it in. Most images uploaded to website are inserted in the wrong manor. This has an impact on the speed in which your website will open up. The longer a page takes to open would result in your clients clicking off your site and going somewhere else.
You should never copy images from someone else’s website. This includes organisation logos, even if you supply the organisations services. All your images should be purchased from a Stock Supplier source or permission should be received from the organisation to display their company logo, before you use it. You should keep these authorisation emails as evidence in the future, should you be asked who gave you permission to use the logo. Failure to take these actions leave you open to being fined in the future.
If using an organisations logo, the typical options they provide are:
- They say yes and allow you to copy if from the internet.
- They supply the logo, which is sometimes different to the one you can download.
- They supply the logo and confirm where they want the link to go. They may also ask to look at it before you publish it. The link they provide may be either the organisation home page – a medical page – or the consultant profile page.
- They supply the logo and allow you to action in an appropriate way, which would be linked to your Profile on the hospital page.
- Note: Maps, addresses, contact information and links to your profile are not a problem. Logo image copyright is. Introduction wording from organisations front page or services area may also be copyright protected.
Adding a sitemap to your organisation allows browser service providers to index your site in the correct way. If you use a solution that generates this map automatically for you, before you uploaded it to browser services providers (Typically Google and Bing), consider editing it and only leaving required pages in the file to be indexed.
Resources and information on this file can be found here:
Your site will need a Robots.txt file. This file gives instructions about their site to web robots about what can and should not be indexed. It is known as The Robots Exclusion Protocol.
Resource and information for this file can be found here: