Before You Agree to Work On an Existing Website Here's What You Need To Know…

Whether it's putting a website on a WordPress maintenance plan, doing a “tweak” or applying a re-design, there are 5 MUST-DOS before you ever reply to a prospective client’s initial email.

Last week I got an email from a prospective client saying they needed a quick fix on their website. “Simple.” Isn’t that always the first red flag?

I don’t take one-time fix clients, but they mentioned they wanted to go on my monthly maintenance plan, so I accepted them as a client after only glancing at their web pages. I quote an initial “Website Audit” service for all new maintenance clients, so I figured if I found any issues inside I would clear them up during that audit.

Well, my mistake! Even though my Website Audit covers 4 hours of my time, that was not enough to fix the issues. What made this worse was that I could have spotted these issues with the website in 5 minutes before I even replied to their initial email!

Bottom line: their website has been hacked, their email was on a blacklist, and we were working with a custom, poorly built theme. All these issues were not visible from navigating the web pages of the website.

Most clients, and rightly so, will not send over FTP, WordPress and hosting information before an engagement begins. This is a great practice to encourage. So how do you see if there are any issues before you even reply with your plans and pricing? Easy!

  1. Check if the website has malware, is out-of-date or is on a blacklist. A 10-second scan at https://sitecheck.sucuri.net will show a wealth of information about the website, WordPress version and malware information. This also shows where the website is hosted – precious when many times the client is unaware of their hosting plan.
  2. Check the website IP and domain name for email blacklists. From the Sucuri scan grab the IP address of the website, take that and the domain, and enter it at http://mxtoolbox.com/blacklists.aspx to see if either is blacklisted.
  3. Check that the WordPress login page is up. If the wp-login.php page is blank, this is a sign that something bigger is going on with the website.
  4. Check the website theme and plugins Enter the domain name for a heads up of what you are going to encounter at http://www.wpthemedetector.com/ . It won’t show everything, but it’s a great overview of the theme and active plugins. You can quote a different price when working with a custom built theme.
  5. Make clear in your return email to the client that issues you encounter regarding security and repairs requires additional time (at a higher rate). Prior to you was engaging in work, it will be out of your scope of work if their “simple” issue is a result of being hacked. Be honest if security and fixing hacks is not your field and that you would need to bring in an outside source like Sucuri to clean up a troublesome site.

These steps will take you less than 5 minutes, but better prepare you and the client for the engagement. Having this process setup will save you from at least one innocent website inquiry that could be a mountain of a job.

Kristina Romero is a website developer and consultant working for the last 8 years through her company KR Media & Designs (KRMD). As a front-end developer in the Washington D.C area, she’s had the opportunity to work with the Coca-Cola Company and Food Network on various WordPress projects. Kristina is proud to be a WP Elevation Business Coach, a mompreneur and passionate advocate for WordPress.