For the SiteWorks project to give maximum benefit to the user community, Website Administrators are reminded that they have to adhere to several guidelines. While they are discussed individually within the user guide, the main points have been consolidated here.

Backups #

All u3as that use the hosting solution provided by TATL have their websites backed up automatically daily. To maximise security the resultant files are kept online and at a remote location. If you choose to install a WordPress backup plugin, you may only use it to create backups that YOU store on YOUR local machine or network, and not on the TATL-provided server.

Copying your website for testing or training purposes #

If you wish to take a copy of your website for testing and training purposes the plugin WP Migrate Lite ‘will export a complete copy of your website in a zip file that can be imported directly into a development system.

It is strongly recommended that only a LocalWP system is used for testing purposes, as this will catch any outgoing emails, particularly those to the system administrators.

If you wish to use a development environment such as WAMP, MAMP, XAMP or a personal hosting account, the SiteWorks Administration Email Address within the WordPress settings MUST be changed, when you activate your copied site. From the Dashboard ⇒ General Settings ⇒ Settings ⇒ Administration Email Address, to set the new address.

Use of Plugins #

The SiteWorks software distributions include all the required plugins to create, maintain and publish a u3a site. In some cases experienced Website Administrators may wish to “experiment” with one of the many thousands of available unsupported plugins.

If the Web Manager wishes to review the operation of an unsupported plugin, this MUST be undertaken on a LocalWP site AND NOT on a production or live site. Deleting “test” plugins may not “clean up” properly and can leave settings or data on the production site that can affect site operation and may be difficult to resolve should a problem arise.

Web managers are discouraged from installing additional plugins unless specifically advised or recommended by the SiteWorks team, as this may cause software issues, etc. If additional plugins are added, it is the responsibility of the u3a, to ensure that the cookie policy and other conditions within the Website Terms of Use and Standard Operating Procedures (in particular section 1.4) are maintained at all times.

In summary, the updating of the plugins is as follows:

• All supported plugins are updated by the System Administrators.
• System Administrators are able to see when a supported plugin needs updating:
  • If the update is security-related, System Administrators will update the plugin, this is to maintain the security of the SiteWorks system. Website Administrators should be aware that this could cause issues, hence the specific functionality of the website needs to be monitored regularly
  • If the update is solely feature-related, the update will be left to the Website Administrator’s discretion.

Maintaining Email Reputation #

A large proportion of emails that have been sent during the testing and commissioning of a u3a site can easily fall into the category of “not looking like a genuine personal email” and damage the “reputation” of the server used by the majority of the u3as.  In addition, the emails generated by WordPress regarding password changes or resets can look like phishing emails, further damaging the reputation of the sending server. To prevent this:

• Website Administrators, Editors and Authors MUST avoid using the standard contact form to send messages with the word such as “test” or “urgent” in the title and very brief messages.  If you want to test out the contact form, the sender should simulate a genuine enquiry using genuine names, email addresses and messages that contain several lines of genuine text.
• When creating a new user, as discussed here,  remove the tick from the box to send the new user an email about their account, This may be classed as a phishing email.  Instead, send the new user their username and password using your regular email account. It is advised that Password Management is undertaken using conventional emails, as opposed to the tools provided by WordPress.