Don’t Panic.

So many of my conversations begin that way, it’s almost never as bad as it seems and we can put it right, be it a very slow loading site that keeps falling over or a site hack. Together we can get it fixed.

So, deep breath, here is how I can help: 

Power Hour Consultancy

If you are looking for advice for your security and site health or for a discussion on strategy for your DevOps setup and pipeline, through to performance issues, then a Power Hour might be perfect for you.

The Power Hour is you, me and potentially your team on a video call going through whatever you want. It’s a fixed length of time and a single one off fixed fee of £150. 

All you have to do is fill in the form, and pick a date. On the form I ask some details about what you are hoping to get out of our meeting this will allow me to prepare a little bit and als to be honest if you are after things outside of my expertise.

You’ll leave the call with actionable takeaways and resources that you can apply immediately to your organisation.

A summary, call notes, and recommendations will be sent 24-48 hours after the call.

This style of consultation works best if you are looking to pick my brains about broader subjects or a “how would you look to implement this” style question. On the form it asks for details of where you want the conversation to go, the more I can prepare the more use I will be. 

To give you some idea of some of the sort of work I do here are some example problems I have helped organisation like yours with:

Hunting hacks

Many organisations get hacked, I was approached by one such company where they were repeatedly hacked even after having the site “professionally” cleaned by a reputable company.  I was asked both to clean the site and more importantly identify how reinfection was occurring.

After a lot of log file combining, I was able to present a plausible timeline for infections and identify why the clean-ups had failed to fully disinfect the site. With a more confident understanding of how they were infected we were able to clean the site fully and get them going again. 

Tracking down impossible bugs

I was approached by a company that was suffering a bug where their subscription data was periodically being reset, causing the clients to have subscription dates set incorrectly. Their developers had been through the code and had reached the stage where they were convinced it was server related. 

I was brought in to help look over their infrastructure which included a multiple machine setup. After some debugging we isolated the issue to a single cron job, and with some further work, found the WordPress object cache had an empty user object which it was then applying to the users. With that knowledge the developers were able to locate and identify the bug.

Power Hour consultancy

If you are looking for advice for your security and site health or for a discussion on strategy for your DevOps setup and pipeline, through to performance issues, then a Power Hour might be perfect for you.

The Power Hour is you, me and potentially your team on a video call going through whatever you want. It’s a fixed length of time and a single one off fixed fee of £150. 

All you have to do is fill in the form, and pick a date. On the form I ask some details about what you are hoping to get out of our meeting this will allow me to prepare a little bit and als to be honest if you are after things outside of my expertise.

You’ll leave the call with actionable takeaways and resources that you can apply immediately to your organisation.

A summary, call notes, and recommendations will be sent 24-48 hours after the call.

This style of consultation works best if you are looking to pick my brains about broader subjects or a “how would you look to implement this” style question. On the form it asks for details of where you want the conversation to go, the more I can prepare the more use I will be. 

Working with you on projects

I am a Dev/Sec/Ops person who can probably get involved in many parts of your organisation. Every relationship is different but areas I think I might be particularly suited in coming and working with your organisation are:

• Security audits of sites, plugins, themes and implementing audits into your workflows
• Providing security training for staff and clients
• Helping with specific security issues, for example hacked sites
• Help building out strategic overview of security within your organisation
• Helping your development team level up in terms of system administration, server admin and things like continuous integration.
• Auditing and improving site performance both in terms of load speeds but also in terms of increasing the amount of concurrent visitors.

To give you some idea of some of the sort of work I do here are some example problems I have helped organisation like yours with:

Security Auditing

“I hired Tim to do an audit on one of our most popular plugins, not only was this one of the best business decisions I have made. It was an invaluable experience and one I would highly recommend to any other plugin/theme developers. The takeaways from this have been super beneficial to my business (both in coding and business) and I now have the confidence to grow and take it to the next level!”

Aaron Bowie

We are AG

Working with We Are AG I performed a security audit of the plugin. While the audit was specifically looking at security any items that seemed odd were picked up. I then went through the audit, the methodology sharing the tools and how things were done with the We Are AG team and then, over a couple of sessions, went through proposed changes and reauditing. 

Tracking down impossible bugs

I was approached by a company that was suffering a bug where their subscription data was periodically being reset, causing the clients to have subscription dates set incorrectly. Their developers had been through the code and had reached the stage where they were convinced it was server related. 

I was brought in to help look over their infrastructure which included a multiple machine setup. After some debugging we isolated the issue to a single cron job, and with some further work, found the WordPress object cache had an empty user object which it was then applying to the users. With that knowledge the developers were able to locate and identify the bug.

Hunting hacks

Many organisations get hacked, I was approached by one such company where they were repeatedly hacked even after having the site “professionally” cleaned by a reputable company.  I was asked both to clean the site and more importantly identify how reinfection was occurring.

After a lot of log file combining, I was able to present a plausible timeline for infections and identify why the clean-ups had failed to fully disinfect the site. With a more confident understanding of how they were infected we were able to clean the site fully and get them going again. 

Longer term retainers

Most of my engagements are for a single or couple of days of my time, to help solve a specific problem. However, retainer based engagements allow me to work deeply with your organisation.

Retainer based engagements are really suited to longer security, maintenance and performance projects or mini projects to assist your team over a period of time. What might that look like? Well, for example, a 3 day a month retainer over a couple of months might look like this.

In month 1 the first 3 days are spent looking at longer term strategies and performing security and performance audits. Before identifying a specific first project, for example helping to scope and showing the benefits for continual integration tooling processes and mapping how that should look. In month 2 helping directly with the build phase provides plenty of opportunities to advise on problems and bottlenecks. At the same time we can start scoping the next project, of introducing Multi-Factor Authentication and SSO across the organisation, which is to be built in the subsequent months.

For other organisations, the emphasis might be on auditing client sites and preparing training for clients and the organisation itself.

Retainer based consultancy provides you with a cost effective way to gain access to me for a few days a month to help me work with you to level up your organisation.