I've been designing and building sites for a few years now - using HTML/CSS. When the site goes live, either I do occasional updates for the client or they use CUSHYCMS. I've been evaluating DB driven CMSs for a while now (Joomla, WP, C5) and found myself battling against them rather than being able to work with them - Couch is perfect for me - design and create the site and then integrate the CMS - I'm loving it and am about to deploy my first Couch site in the next couple of days.

But the change to a DB CMS site from a static site is slightly scary too. And I was wondering if other web designers on this forum have any advice to offer:

My main concerns are around ongoing maintenance ... for example upgrades to PHP. I'm imagining when I have a growing number of sites on Couch - it could amount to a lot of work if I have to spend time on this sort of thing. And of course to a client this sort of work is meaningless to them - it is all behind the scenes and they wouldn't want to pay for my time doing any essential maintenance work I'm sure. Do other web designers build in an annual fee for this sort of thing?

The other main question I have is how should I handle database backups once the site has gone live? Again I'd rather not have to have any ongoing involvement in a site once it has gone live. But if I have to - I will need to start quoting my prices differently to clients - i.e. make them aware of costs of maintaining a CMS site.

[cheesypoof]

I'm not seeing the need for ongoing maintenance. Future couch releases are probably going to focus largely on feature additions. PHP upgrades are handled by your host. With regard to database backups, you can instruct your client to occasionally save the file generated from 'couch/gen_dump.php'. I don't particularly see myself needing these, but maybe KK can comment on the possibility of automated backups as well as couch auto-updating.

[KK]

I'll agree with cheesypoof - the fear of ongoing maintenance is unfounded.
PHP upgrades will be handled by the hosting provider. Couch, per se, does not demand that you upgrade to every new version that is released.
If the features of the version you used to originally build your site serve you well, you can keep using the older version.

As for the backup, I think, the best way is use the method provided by the hosting provider. All of them usually provide a way to schedule a backup. Configuring it, for example, to take a full backup of your site (MySQL + physical files) once every 24 hours (and retaining the last 30 backups) should be sufficient and won't need your intervention.

hello, have only just found KK's reply to my posting from a while back. I've returned to this issue as I feel I need to give some advice to my Couch'd clients on backing up their MySQL data.

Unfortunately the web host in question is 1and1 and the hosting package (Starter at £2.49 per month) does not include cron jobs/scheduled tasks (this is available with the package costing £6.99 per month - a huge leap!). 1and1 suggest that back-ups are made using phpMyAdmin - I don't think is a good option for a client!

I will consider another hosting option for future clients - GoDaddy include cron jobs with their basic package - not that I have any experience with cron.

The other option is to allow the client to use Super Admin to get a download of their data via gen_dump.php. Although still a manual manual process, this would appear to be the best option available, without the hassle of transferring hosts. Are there any potential risks with the client having access to this Super Admin login that I haven't thought of?

Do you think there's any chance of Couch incorporating some sort of back-up functionality? I did see something mentioned in the Feature Requests ...

Any advice, ideas, thoughts gratefully received!

[KK]

Hi Potato,

Are there any potential risks with the client having access to this Super Admin login that I haven't thought of?

gen_dump.php does not mandate super-admin privileges to work - plain admin privileges will do.
Since your client will necessarily have this admin access, I don't see any problem or risk with this approach.

Do you think there's any chance of Couch incorporating some sort of back-up functionality? I did see something mentioned in the Feature Requests .

It is on the cards, though not very high on priority list.
Simply automatically executing gen_dump at set intervals and emailing the dump file to a set address is something that can be thrown together without much effort. However, it will only give you database backup. Backing up the uploaded files will make the full backup but is more convoluted.

If only database backup will suffice, please let me know and I can try and get something that will do the job.

hi KK, I always keep a copy of all the html/php files that make up a client website on my own computer. So, if I advise clients to keep a backup of anything they upload to the site after it goes live (PDFs, photos etc) and the database is backed up at intervals - then I think this means that in a worst case scenario I could get the site back up and running with more or less current data.

Your suggestion for an auto-executing gen_dump.php with emailing of file sounds fantastic. I appreciate how busy you must be - but it would be a bonus for me to offer this level of security and reassurance to a client ... and I suspect other Couch users would like this feature too (?)

In the meantime I'll add the procedure for running gen_dump.php to our Couch tutorials (for anyone interested see: http://couch.aplainfish.co.uk/ - at an early stage of development, but the help subjects will grow).

Many thanks.

PS: I had an email from a client who has started using Couch, here's a quote from it:
"We are really delighted with it, and the ability to change the detail within the overall design is
something we weren't expecting at all, let alone so easily" ... and this is from someone who I would describe as "low-tech" !

I have around 65 clients at the moment that want ''fresh updates'' And i use couch to handle this. Some clients have smaller websites which are not handled by couch because they ''didn't want a cms panel''

When i agree to Site updates weaver it be couch implemented or not i always have access to their accounts, this saves hassle. Of course sometimes things get hard to a point where i have to juggle my work around but thats what happens when you are running you're own business. Sometimes the updates are so little there is no point in even doing them, however money is money and at the end of the day its something you can never get around unless you build a robot.

If you have a good design structure, ie. If you keep track of what has been updated or what hasnt then you are onto a winner in regards to handling this process.

IF you put in a process to handle this work then you will work at a timescale that normally will suite a client. Without going into too much details, my work is 90% design and development work and 10% updates. My streamline of work comes mainly in the 90% design work, and nowdays its not small websites i handle, back in 2010 this was ongoing and was the other way around. Nowdays i get jobs around 65/100 pages, and 5,000 lines of code, most jobs come in at around 1.5k worth of work.

Regards backups i have my main design computer that i design and use to develop from which is setup with 4 screens to work from. A second computer just that sits there and runs a auto generated scripting system that i worked on that rips all data from their server database. This then saves all the server dater into a folder that then saves in two places, an external hard drive, and onto the systems hard drive. They are both scripted to protect the data and only i can use this, which protects the data and any hackers, since i was a hacker when i first started out in 2000.

You will never get passed the process of ''Updates'' this will always be on going untill everything will be 100% computer orientated

hi SimonRLM, interesting that you started out as a hacker ... you will therefore be clued up on site and data security. It has occurred to me that the config.php file (with all the site's DB info) is within the couch (or renamed couch) folder. I am guessing this is protected by the .htaccess file in the couch folder - is there anything else protecting it from unwanted attention? Is this secure from a hacker - you are in a great position to know the answer to this one!

If I type in the url of the config.php file I see a blank page, not a 404 page - as it clearly does exist! I wonder if you think this is a clue for a hacker? Why would anyone want to hack a run of the mill small business person's website anyway?!

hi SimonRLM, interesting that you started out as a hacker ... you will therefore be clued up on site and data security. It has occurred to me that the config.php file (with all the site's DB info) is within the couch (or renamed couch) folder. I am guessing this is protected by the .htaccess file in the couch folder - is there anything else protecting it from unwanted attention? Is this secure from a hacker - you are in a great position to know the answer to this one!

If I type in the url of the config.php file I see a blank page, not a 404 page - as it clearly does exist! I wonder if you think this is a clue for a hacker? Why would anyone want to hack a run of the mill small business person's website anyway?!

It depends really on the sort of person hacking the website to begin with. The Config.php is quite secure however its not ''100% full proof'' The only way really is to code in a system that will track anyone trying to hack into the website which will then in return block the IP and run a shutdown ''lockout'' from anything on that server. The same way most company's now-days secure there website. I can say that ebay is easy to hack, and you tube was easy to also hack before they was took over by google. Facebook runs a slitghly different system that needs extensive research and hard coding to mess up there system, but it can be done.

Anything is hackable if you know where to look, and what to look for. So all i can say is i wouldn't worry and I'll tell you why bellow.

Most hackers start from the bottom and work upwards until reaching there goal. Most hackers will have a website in mind they want to hack, which is big and known. They wont do anything unless they are hacking for a reason to ''steal'' data. So as you can now see that the hacker will try and get into your website, however the hacker will be starting out, he will be learning the ropes to hacking and what is needed to be done. I had a client who owns a plastering firm, his website was locked out due to a hacker, it sends a report of the person hacking, most leave a paper trail and has there IP, Network and main address linked Pure novice. So thats why you're website is of course a target at some point. They tend to learn the ropes on smaller websites with less security to learn the basics on where to look when hacking.

Like i say, the config file is not full proof, but to any novice they probs wont get past it unless they know how to get around things.

Hacking is not easy i must admit and takes alot of time and work.. If you watched the social network then thats a base of script hacking. Basically hacking data, or ripping data.