Category: Hosting, cPanel & Site Administration
Audience: Clients of Thomas McKee Website Design & SEO Solutions with managed or self-administered hosting.
Goal: Teach clients how backups and SSL certificates work, how to access them in cPanel, and how we maintain top-tier website security at the server and application level.
Your website is a vital business asset — it holds your brand, your customer data, and your reputation.
At Thomas McKee Website Design & SEO Solutions, every site we host is automatically protected by daily backups, auto-renewing SSL certificates, and advanced security systems like Imunify360 and LiteSpeed Enterprise.
This article explains how those protections work, how you can access backups or confirm your SSL status, and what security practices we use to safeguard your website from malware, hackers, and data loss.
Backups allow full restoration of your website if:
You accidentally delete a file or plugin
A software update breaks the site
Malware infects your files
You need to migrate or clone your site
SSL (Secure Sockets Layer) encrypts communication between your site and its visitors, turning http:// into https://.
This protects data and improves SEO rankings.
Strong firewalls, malware scanning, and secure login controls help prevent downtime and data theft before it happens.
We use JetBackup, a professional-grade backup system integrated into cPanel.
Automatic Frequency: Daily full backups of files, databases, and emails.
Retention: 14 days of restore points.
Storage: Off-server (so even if your server fails, your backups are safe).
Speed: Full-site restoration typically takes under 10 minutes.
Log in to cPanel.
Scroll to the JetBackup section.
Choose one of the available options:
Full Account Backup
File Backups
Database Backups
Email Backups
Click File Backups.
Select your preferred restore point (by date).
Browse or search for the file(s) you want.
Click Restore.
Wait for confirmation — you’ll see a success message when complete.
Tip: You can also Download the backup to your local computer before restoring, for added safety.
If you want to create a manual backup before making big changes:
Go to Files → Backup Wizard.
Click Backup → Full Backup.
Choose the destination:
Home Directory (for short-term storage)
Remote FTP (if configured)
Download to your computer
Backups include:
All website files (HTML, PHP, WordPress, etc.)
Databases (MySQL/MariaDB)
Emails and configuration settings
If your site ever breaks:
Option 1: Restore the latest backup through JetBackup yourself.
Option 2: Contact our support team — we can restore it instantly from the most recent snapshot.
Restorations are seamless and rarely cause downtime.
Encrypts visitor data (forms, payments, logins).
Displays the padlock icon in browsers.
Improves trust and SEO ranking (Google prioritizes HTTPS).
Every site we host includes a Let’s Encrypt SSL certificate, installed automatically and renewed every 90 days.
This happens without you having to do anything.
Visit your site using https://.
Look for the padlock icon in the browser.
In cPanel, go to Security → SSL/TLS Status.
Confirm that your domain has a green padlock and is set to AutoSSL enabled.
If you see a warning symbol, contact us — it may indicate a mixed content or redirect issue.
We ensure all pages redirect automatically from http to https, but you can verify:
In cPanel, go to Domains → Force HTTPS Redirect.
Enable the toggle next to your domain.
Test by typing http://yourdomain.com — it should instantly redirect to https://.
| Error | Common Cause | Solution |
|---|---|---|
| “Not Secure” warning | SSL expired or DNS just updated | Wait for propagation or contact us |
| Mixed Content | Some assets (images/scripts) still load via HTTP | We’ll fix links in WordPress |
| SSL Not Installed | Domain recently added | Run AutoSSL in cPanel or contact support |
| Wrong Certificate | Addon/subdomain misconfiguration | Reinstall SSL for that domain |
Imunify360 constantly scans for malware, suspicious code, and brute-force attacks.
CSF Firewall blocks malicious IPs automatically.
ModSecurity (WAF) filters dangerous requests at the application layer.
We configure WordPress-specific security:
Login protection and CAPTCHA
Regular plugin/theme updates
File integrity monitoring
Limited file permissions
DNSSEC enabled on all hosted domains
Encrypted cPanel, FTP, and email connections (SSL/TLS)
Cloudflare CDN integration for DDoS protection
Even with managed security, clients can follow these habits for extra safety:
Use strong, unique passwords (12+ characters).
Enable two-factor authentication for cPanel and WordPress.
Avoid installing unverified plugins or themes.
Keep WordPress core and plugins updated.
Review your JetBackup history monthly.
Use secure Wi-Fi when accessing admin panels.
Never share credentials via email or text.
Proper file permissions prevent unauthorized access.
We maintain industry-standard settings:
Folders: 755
Files: 644
Configuration files (wp-config.php): 600
Avoid changing these manually unless advised — incorrect settings can break your site or open vulnerabilities.
Our system monitors:
Downtime (checked every 1 minute)
SSL expiration status
Malware detection
Resource overuse
If any anomaly is detected, our administrators are notified immediately.
You’ll receive email notifications for:
Backup completion or restoration
SSL issuance or renewal
Account resource limits (disk space, bandwidth)
| Tool | Function |
|---|---|
| SSL/TLS Status | Check or renew certificates |
| IP Blocker | Manually block suspicious IPs |
| Leech Protection | Prevents password sharing on restricted pages |
| Hotlink Protection | Stops other websites from using your images |
| ModSecurity | Application-level firewall (should always remain ON) |
If you’re unsure what a feature does, contact us before disabling it.
Our hosting includes continuous malware scanning via Imunify360.
If any infected files are found:
They are quarantined automatically.
You receive a notification (if applicable).
Our team reviews and removes the threat.
We also run manual scans during major updates or if you report suspicious behavior.
Q: How long are backups kept?
14 days — older versions are overwritten automatically.
Q: Can I restore just my database?
Yes — select “Database Backup” under JetBackup.
Q: Can I download my backups?
Absolutely. Download anytime via JetBackup or Backup Wizard.
Q: Do I need to renew my SSL certificate manually?
No. SSL renews automatically every 90 days.
Q: How do I know my site is safe?
If your SSL padlock is visible, WordPress is up-to-date, and no malware alerts appear, you’re protected.
Q: Can I install my own SSL certificate?
Yes, but Let’s Encrypt SSLs are already included. If you require a custom certificate (e.g., EV or Wildcard), we’ll assist with installation.
Contact Thomas McKee Website Design & SEO Solutions if:
You see a “Not Secure” or certificate mismatch warning.
You suspect malware or hacked files.
You need help restoring a backup.
You deleted a key file accidentally.
You want to migrate or clone your website.
You experience downtime or error messages.
Our team responds quickly — usually within minutes — to minimize disruption.
✅ Verify your site shows a secure padlock (HTTPS).
✅ Test your SSL redirect monthly.
✅ Check JetBackup for recent restore points.
✅ Avoid installing unknown plugins or themes.
✅ Update WordPress core and plugins regularly.
✅ Keep a copy of your login credentials in a secure place.
Your website’s protection depends on three layers — backups, SSL encryption, and security systems — all of which we’ve already built into your hosting environment.
At Thomas McKee Website Design & SEO Solutions, we make sure every site is fast, secure, and recoverable. You can rest assured knowing your data is safe — and when something unexpected happens, recovery is only one click away.
Your job is to run your business. Ours is to keep your website secure, always.