If you answer any more than a few emails a week, & do so in capacity that requires accountability & reasonable response times, it’s likely time you started using a helpdesk. A helpdesk often is a centralized piece of software where folks can get support. Many feature frequently asked questions, knowledgebase articles & the ability to submit tickets and inquiries. There are many, many available versions with varied features. I’d highly recommend tinkering with each and finding one that fits your needs.
We’ve done a good bit of testing with each, and I’ll list the pros & cons of each below.
The bulk of the software below have the following:
Allow people to email you, and, for you to respond back via email. It’ll convert those emails into tickets.
The ability for multiple team members to login & manage said tickets. This makes for good accountability, and, allows everyone (whom might need to) to review said tickets.
Allows tickets to be converted into tasks, knowledgebase articles & FAQ pages to make it easier for other users to look up answers for their own questions.
Self-hosted means that you’d be responsible to host the software yourself, either on a web hosting account at a company like Fused or elsewhere. Some have non-self-hosted versions available where the vendor hosts it for you. There’s some advantages and disadvantages to self-hosted software.
Often open source to some degree, meaning you can tinker with the code & make changes as needed
You can move from host to host based on uptime & performance needs
There’s very little vendor lock-in. You can export your data to another helpdesk as needed
You get to upgrade the software yourself! Yay .
You (or your host) get to manage the security of said product. This can be both a plus or minus, but for most folks would be a minus.
We’ve used Kayako what seems to be over a decade. It serves our purpose well, but, given its age it’s beginning to show some wear & tear. Kayako offers both a self-hosted (i.e., one you host on a web hosting account at a company like Fused) & hosted version (one kayako hosts). The software features live chat, a helpdesk that allows emails to convert to tickets and a decent knowledgebase system.
It’s got a slightly antiquated interface, but nonetheless allows us to respond to inquiries promptly. It’s a great system to consider, but lacks some social features like converting facebook posts/twitter responses into tickets. Nonetheless, it’s got fairly open code, so if you’re technical enough you can add your own modules.
Link to Kayako: Kayako
Cerberus is great. No complaints, slightly antiquated interface, but it “gets the job done”.
Link to Cerberus: Cerberus
Desk is a great product from salesforce. It has a decent interface, lots of applications available for mobile, ipad & desktop. It features a long list of social media integration (for twitter responses & such) and overall has a decent pricing scheme. It’s SaaS only, which means salesforce hosts it for you. There’s some limitations with that, mostly that you’re locked into using their software. If you come across something you don’t like, migration would prove tedious.
Link to desk.com: Desk.com
Zendesk is the product of a public company. It has a great interface, and supports lots of nifty features & includes many mobile device apps. & such. The one limitation is it’s self-hosted only, we’ve heavily considered & wielded their software – it’s good stuff.
Link to Zendesk: Zendesk
Support is 24/7, 365 days a year, whether you’re selling flower bouquets, or running a web design firm, it’s the one thing we all have in common. Inundated in requests? Welcome! We feel your pain. One of our long-term web hosting clients Josh who runs a web development firm offering wordpress plugins & design, recently posted a blog post on this very topic. Support is hard, but not impossible.
Here’s a few key things to keep in mind when offering support digitally, or alternatively through tangible methods like telephone & in-person.
I’m going to detail a few basic points on what good support is, and, then below offer ideas for helpdesks, forums & everything in between.
Be clear on when support is available
Avoid confusion. Be upfront about your support hours & support limitations. Much like your open & close times (if you have them), avoid frustrating people trying to reach support & not knowing whether you’re going to be there. Having clearly defined terms of when support is available is key. If you’re going to be away on holiday, make note of it well in advance (and publicly).
This might sound tedious, but, if you’ve ever interacted with companies you know precisely how frustrating it is sitting in a phone queue, or waiting for an email from someone.
Boundaries & support limitations
Going above & beyond for clients can feel wonderful, but if there’s a particular boundary you’re not willing to go beyond consistently, define it well in advance. For us, fixing SMTP settings on someone’s remote printer is that boundary. We do it, and it feels great, but we have no doubt it’d prove better for both us & our clients alike if we didn’t involve ourselves in the process. Another example being, if you’re a designer & don’t necessarily want to get your hands dirty doing web hosting related stuff, or, a developer whom avoids logo design, make those points clear upfront. There’s nothing wrong with saying that you’re not the greatest at something, as long as everyone knows those limitations upfront.
You can always make exceptions, or refer people in the right direction, but try not to waste people’s time with subpar work or support.
Limit support mediums. Less is more.
In the decade that I’ve been doing web hosting, the biggest key in providing great consistent support I’ve found, is limiting support mediums. If you’ve got twitter, facebook, instagram & $insert-new-social-medium here accounts – people are going to reach out to you on them for support and they’re likely going to be disappointed if you don’t respond quickly & thoroughly. Make it clear where the best support can be had for your service. Limit the number of places that people can get support, but provide the best possible support through those avenues, which in turn, prevents people from seeking you out on those mediums.
You might find yourself tweeting to a company one day (I tweet to Bank of America more often than I call my mom), but it’s not because twitter is the best avenue for support – it’s just the easiest route to get in touch with an entity vs. email, or digging around on their convoluted site. Find yourself doing that frequently, or, find your users doing it? It might be time to clean up your ‘contact us’ page, or, start offering support over twitter :)
The goal is to provide great support, so, try not to spread yourself thin by trying to do it in 300 different places, as it could prove difficult to be consistent. Consistency is key. As always, go where your users are.
Live support & telephones
Understanding when live support is advantageous to you & the customer both is extremely important. Live support (telephone or livechat) is great, but nothing’s more frustrating than seeing “Livechat is offline” or waiting in a phone queue. Define availability clearly, otherwise, it can be a frustrating experience for both customers & support representatives alike. Fused has never had livechat available, and we’ve
all but killed converted our phone system over to a click to call system because phone queues are awful. Yet, no medium can be greater to resolving issues quickly & promptly than a quick thirty second phone call. Find out what fits your organization.
Email is equally as painful, but it doesn’t have to be. Helpdesks offer a good middleground, & perhaps you might consider offering support through forums?
Your mileage may vary. Now, onto our next post…
You’re likely a WordPress user, admin., or, know someone who is. With it powering roughly 23% of the web, it’s both popular with users, developers & hackers alike. Yay, WordPress is great (and powers this blog).
Securing WordPress is difficult, but not impossible. We’re not experts on the topic by any stretch, but, given we host a few thousand websites powered by it – we’ve got a few ideas on how to keep it secure. Some of these are fairly generic, and, others might give you a few ideas on howto keep your own install hack-free.
Much of this advice is tangible, and, will help with other aspects of WordPress site management as well (like performance).
If you prefer to read text, scroll down below the image. There’s a few other additional notes below as well.
Link your friends to: https://www.fused.com/blog//uploads/2015/04/securingwordpress.jpg
First, why should you secure your WordPress install? Who cares, right?
For starters, your site could be used to send spam to others. Worse, infect others & their systems with malware. Neither of those are going to make you any friends, and worse, it could impact your reputation.
Secondly, a hacked site will be quickly stopped by google & blocked from being viewed in chrome. You’ll lose visitors & revenue, particularly if you operate a business.
Lastly, to be a good netizen. Nobody likes spam, exploits, or DDoS attacks – and all of these can originate through your WordPress installation. There’s many of us that end up having to stay awake sleepless nights to mitigate things like this, and, there’s not enough whiskey to go around.
Update, update, update.
It goes without saying, the first step to keeping any piece of software secure is by updating your software as quickly as feasible when an update is released. This applies heavily to WordPress where a potential exploit might reside in a theme, plugin or the core software itself. As of 3.7, WordPress can automatically update itself. Managing these updates is trivial, often using a plugin. To just keep the core WordPress software in check, add this to your wp-config.php file (on its own line): define( ‘WP_AUTO_UPDATE_CORE’, false );
Caveat: Some software within your installation might need updated manually, but, we’ll talk about that more shortly.
Everyone loves themes, &, if you’re anything like me you change your WordPress theme several times a year. Who doesn’t love a fresh pair of clothes, but, let’s not make it a hay-day for hackers, bots, & script kiddies alike.
Leaving a WordPress theme installed after you’re done with it is akin to building an addition onto your home & forgetting a wall. You’re leaving yourself open to attack. Less is more, & that applies more & more each day with WordPress.
Third-party theme websites
Acquiring the latest & greatest theme off of Themeforest & some of those great sites is wonderful, but, it leaves a few things left undone – and this is frequently the number one source of attack aside from out of date installations.
First, and foremost: Often, anything you install manually will frequently need updated manually. If you install something outside of the WordPress interface, you’ll need to update it manually.
You’ll want to subscribe to any updates/newsletters the theme developer has. You’ll be relying on them for many security updates for software that might be included in the theme, that may not have an easy-update method.
Secondly, despite my note that you’ll be relying on them for security updates: Don’t rely on them for security updates! Someone who has just a few themes out there might not be around to fix the latest-greatest-exploit in their theme. If murphy’s law has anything to do with it, they’ll be on a remote island sipping pina colada’s while some good friend from afar is sending a few emails on your behalf, to all of your good friends :)
If possible, catalog what ‘extra’ functionality (3rd party code, besides the theme itself) might be in a theme, if at all possible (or, ask the developer when you acquire the theme) and keep an eye on releases to those pieces of software.
That’s an awful lot of work, and, as much as I appreciate 3rd party theme developers – it’s (in my opinion) better choice to use themes available within WordPress itself via Appearance > Themes (Or, https://wordpress.org/themes/commercial/) , rather than venture out on your own. The themes available there will still need to be updated, but, the process is slightly more streamlined.
WordPress Plugins & Security
Avoiding plugins altogether would be great, but, impossible of course. If at all feasible, avoid adding plugins that add minuscule functionality like an image carousel, for example. Far too many exploits originate from plugins. Less is more.
Secondly, removing any unused plugins is quite possibly the best thing you can do. Disabling them isn’t sufficient, but deleting them altogether – like themes – will keep you a bit more secure.
Backups are by no means a way to prevent exploits, but, they make it easier to revert back to a “good” copy of your website in the event of an exploit. Frequently backup your website & wordpress installation (database & all) via your host’s control panel & the ‘Tools > Export’ section of Wordpress.
The more backups you have, the merrier. Rebuilding a website from scratch is no fun, and, in some cases (like my own blog I started in ‘03) would be absolutely impossible without backups.
Your web hosting provider should be backing things up, but it never hurts to have a couple of extra copies of your data floating around – don’t trust their backups in a bind.
And, lastly, here’s an infographic to link your friends to:
Advanced & misc. cruft
If that article bored you to death, my apologies. We’re finding the average-joe/jane is getting their WordPress installed hacked left & right. There’s some advanced & more generic tips below, in addition to our lovely image you can share with your friends.
Read only: Disable writes to any folders that won’t need it.
We frequently come across someone using something like gravity forms to upload an executable PHP file and exploiting the installation. This, among many other exploits could easily be prevented by disabling writes to any folder by default, and, only allowing the ones that need it (cache folders, for example). We personally disable all writing by default, though, someone keen could still exploit it.
Reenabling writes for updates & such will be necessarily, but, can be automated (a cron. that reenables writes to folders, and, simultaneously updates wordpress, for ex.)
Lock down wp-admin
Disable logins to wp-admin to a certain IP addresses, and no more. Brute forcing installations is less popular for something like WordPress, but, frequently we’ll see someone’s password leaked through some other hack, and, that password being used on their WordPress installation.
Don’t recycle passwords
It’s 2015. Use 1password or keepassx. Avoid recycling passwords, however unimportant some of them may seem – it often takes only a single account being exploited that results in a domino effect of hacks against your accounts.
Phonecalls can solve problems in seconds: They are amazing. There are honestly few things I enjoy more than the refreshing sound of a human voice. To be able to respond with a simple “Mmhm.”, “Absolutely!” or something in between. I love them (and the clients, friends and family behind them), and, honestly it’s one of the few reasons I continue to operate fused after well beyond a decade.
Voicemails, on the other hand? Voicemails are awful in every imaginable way. I can’t even begin to list all of the reasons why voicemails are tragic.
Perhaps it’s because if you’re anything like me – you often leave two voicemails instead of one, because you failed to include some snippet of extremely important information, often even your callback number. At best, you fumble over a few words and feel like a bumbling idiot. During a live call that somehow never happens, or, the human on the other end helps you up. Robots on the other hand are heartless, and respond with nothing but a painful empty silence.
At fused, we don’t miss many calls – yet, we still somehow end up with hundreds of voicemails, and every single one is absolutely painful to trawl through. More often than not, the only reasonable response to a voicemail is to call back, defeating the whole purpose of their meager existence.
Ugh. All of that could be settled with a single text, or, email even – it’s 2015. But, we love phone calls, regardless of how ugly voicemails are.
The future of voicemails: Their death, preferably
So, back in early 2014 we launched our phone call request system.
And it’s amazing. You request a call, we get an email with a link – simple. It cuts out the middleman, and saves us hundreds of dollars a month on phones & phone systems, to boot. Instead of any of us having to drone into empty space (or, listen to it), we’re live instantly. There’s some sincere benefits too, which I could rave on about endlessly – I’ll save that for another post.
Sure, once in awhile there’s the odd game of phone tag, but, not having to listen to another voicemail has improved our lives significantly.
And that’s why today, we’ve turned off our voicemail for good.
Web hosting is important in this day & age, and quality web hosting can be prohibitively expensive. I’m going to provide a few helpful hints on how to pick a cheaper web hosting solution & still get reasonable uptime and performance.
Saving time & money:
First, a short story. I’ve been involved in web hosting now for more than a decade: In internet years, that means I’m on a porch shouting at you from an antique rocking chair.
We all want similar things in life: But, most importantly we want to choose how we spend our time. My goal is to spend as little time sitting in lines, and as much time as possible with my kids & family (Particularly when they’re not screaming). Many companies interrupt our time like clockwork. My bank for example, which will will remain anonymous (It rhymes with ‘rank of blahmerica’), which undoubtedly almost weekly does something that warrants yet another phone call, sitting in their phone queues, as though my time were infinite, and infinitely worthless. Yesterday, I spent a total of roughly one working hour resolving what shouldn’t have been an issue at all, and next week it’ll happen again. On the contrary, my local internet provider instantly picks up the phone, resolves the issue (without hold times) and I’m on my merry way (EPB, in Chattanooga – gigabit internet for everyone!).
I’ll try not to get off topic, but it warrants a few paragraphs. You’re a business owner, or, someone who has better things to do than spend time contacting companies for something that is often their mistake, or something they could have readily resolved proactively. But, these are computers: Things happen – stuff breaks, errors are found, problems arise. The difference between a mediocre company, and a great company, is how much of your time they’ll waste. Think of great web hosting like insurance. Great web hosting tries to ensure that you’ll spend as little time dealing with web hosting as possible, and as much time on your business as possible. Mediocre web hosting makes no guarantees, and, ultimately, will cost you time in exchange for saving a few dollars a month.
The math is entirely up to you and your circumstances. I too have been an extremely poor student, living in whatever walk-in closet I could afford at the time: Sometimes, you need to save money. As a business owner, I’d recommend you don’t skimp on web hosting, but, if you have to, here are a few options:
With a cheaper hosting provider, expect downtime. There are likely some great cheap hosting providers out there, but, they’re likely cutting some corner that will ultimately result in website problems. To counter that, use something like cloudflare to at least cache your site when it is offline. Your visitors will still get to your content, and you’ll save on web hosting.
Horrible web hosting support
With a cheaper web host, support might be unavailable. An inexpensive provider might cut corners on their team size or availability, leaving you to resolve things on your own most of the time. Learn to wield the web for common problems by googling error messages, more often than not you can resolve them on your own once in awhile. Teams are easily the number one budget line item for a quality hosting provider: To put that in perspective, 75% of fused’s revenue goes towards covering our support & development team. A meager 10% of our monthly revenue covers hardware & infrastructure.
Another common issue experienced with cheap web hosting is unreliable email. Consider using a 3rd party like gmail to offset some of the damage that could be caused to your communications. Gmail offers service with custom domains for a meager $5 a month per account.
If your website relies on databases heavily, like for example, one built on wordpress or drupal: Cache as much as possible. Caching properly can result in your website being available even though the related database goes offline. Often there are plugins available for some content management systems that will cache an entire site, giving it a higher chance of being online. Databases being unavailable, or overloaded, is often a common problem of overloaded web servers. Often with cheaper companies, they might be forced into trying to host as many clients on single servers as possible due to their limited budgets.
Ultimately, it might be more costly, timewise, to pick a cheaper web hosting provider.
It’s worth weighing the options, and, if you’ve found a great, inexpensive hosting provider, don’t hesitate to leave them in the comments.