Soren Law Group approached us to redesign their outdated and broken website experience. Their previous vendor had developed custom plugins that stopped working with newer versions of WordPress. During our discovery phase, we discovered that inability to update and the plugins opened up security vulnerabilities that were constantly being exploited. Soren Law Group asked us to build a site that would be easy to maintain, avoid vendor lock-in and be more secure.
We evaluated multiple solutions based on the requirements. The audit during our discovery phase revealed the current content was static and hadn’t been updated in years as they had a separate blog site that was periodically updated. Due to the headaches of the previous solution, we eliminated WordPress as an option. We evaluated static site generators like Nuxt, Gatsby, and JigSaw as well as a fully static website.
Since updates would be infrequent, we recommended a fully static website. To help Soren Law address their concern and avoid vendor lock-in, we built the static site using PHP to allow for reusable global elements such as the header and footer and send messages through the contact form.
We also migrated the site to a virtual private server that Soren Law Group now owns and pays for directly. The server was configured and hardened following best security practices. We also configured automated weekly back-ups for them to be able to restore the server in case it somehow became compromised. In addition to the cost savings from paying their previous vendor for hosting, the VPS also provides improved performance compared to shared hosting.
To simplify managing and updating deployments, we configured CI/CD pipelines to automatically deploy changes to staging and production environments when committed to the respective git branches. As part of the CI process, we added a build process to scan the site and verify that the site was Section 508 compliant. If the scan fails, the developer is notified and the build is not deployed until the issue is resolved.