Any website, and particularly those that use databases to store information, are only as good as their latest backup. i.e. if your site or your server crashes irretrievably, you can only restore it to the state it was in at the point you last took a backup.

For example, if you have spent the last 3 month adding 100 new products or pages to your website and it crashes, but your last backup is 3 months old, then yes you can get the site back online using the backup, but your site then does not include those 100 new products and in effect you have lost 3 months’ work.

All our systems have a “one-click” backup system built-in to the Admin. Taking a backup via the website Admin backs up all files in the web-space AND the database that runs the site. The Admin System also reminds you if your backup is out of date prompting you to take a new one. And being a one-click system it takes no effort to take a backup after every new addition to the website.

If your website is now a few years old then it is highly unlikely to have the built-in security updating systems a modern product has as standard. Your system therefore is not secure, nor is it future-proof. At the time you had it built you probably never expected to need to defend it against hackers 24/7/365.

However, hacking is now big business, and every company with a website needs to think seriously about keeping the hackers at bay. While many people simply ignore the risk, thinking that it would not be the end of the world if their website was taken down, they are missing a very serious point that could affect their business reputation so severely it could put them out of business permanently…

I.e. you should not worry so much about what a hacker might TAKE from your website, if they deleted everything and your website has a built-in backup system you could be back up and running in no time…

But you should REALLY worry about what a hacker might ADD to your website…

CMS Wales is very pleased to announce that we now offer Free Wildcard SSL Certificates for all our hosted clients as standard.

CMS Wales has been issuing Free SSL Certificates to all hosted clients for over a year (since March 16th 2017) and have been working towards providing free wildcard certificates ever since. We are therefore very pleased to announce the service is now active and we now offer Free Wildcard SSL Certificates for all our hosted clients as of today (March 23rd 2018).

What is a Wildcard SSL Certificate?

While a standard SSL Certificate secures your main domain, a Wildcard Certificate allows you to secure all your subdomains too, with a single certificate!

So instead of having getting separate certificates for subdomains, you can now use a single wildcard certificate for all main domains and subdomains

Secure your website and sub-domains with a free wildcard SSL certificate

All of our Web hosting Plans include Free Wildcard SSL Certificates for every website and sub-domain hosted


What is an SSL certificate?

An SSL certificate is displayed for websites in the form of a padlock icon in the address bar, a green bar, and a URL that starts with https://. Behind the scenes, this means that the website has been verified and any information passed between the server and a visitor’s web browser is securely encrypted. An SSL connection is vital for any website that requests or stores personal information such as contact details or payment information.

SSL is the globally recognised standard for secure data encryption between server and browser. All our SSL certificates are provided and verified by leading security experts GlobalSign.

Free SSL Certificates

A must-have for any serious website owner

An SSL certificate not only signals trust and authority to your website visitors, it also helps protect them when browsing your website. It prevents data interception and shows your business has been validated, ensuring complete peace of mind for your visitors.

Search engines such as Google have openly stated that they view an SSL certificate as a mark of trust and that having one can directly improve your search engine rankings.

Furthermore, research has shown that a valid SSL certificate reduces abandoned baskets, increases sales, and makes people more confident about shopping with you. It’s a must-have when you’re selling online.

UPDATE: All our SSL Certificates are now "Wildcard" SSL Certificates

CMS Wales has been issuing Free SSL Certificates to all hosted clients for over a year (since March 16th 2017) and have been working towards providing free wildcard certificates ever since. We are therefore very pleased to announce the service is now active and we now offer Free Wildcard SSL Certificates for all our hosted clients as of today (March 23rd 2018).

What is a Wildcard SSL Certificate?

While a standard SSL Certificate secures your main domain only, a 'Wildcard' Certificate allows you to secure all your subdomains too, with a single certificate!

For example:

If your main website was '' but you also had a Forum installed on the sub-domain '' your free wildcard certificate would protect both sites and ensure they are both served up to your visitors as "HTTPS://" (Secure) rather than "HTTP://" (Insecure).

So instead of having to get separate certificates for your sub-domains, you can now use a single wildcard certificate for all main domains and subdomains.

If you are still paying your hosting provider for SSL Certificates, stop! Move your website/s to CMS Wales and enjoy free Wldcard SSL Certififcates for life!

How do I activate my free SSL?

Every CMS Wales hosting package comes with a free SSL certificate, enabling you to use the recommended 'HTTPS' protocol to keep your site users secure. To activate the SSL, you’ll need to make sure you’ve pointed the domain name to our nameservers.

These are:


With that done, you need to:

  • Login to your CP (Control Panel) at
  • Under Security, click on the SSL/TLS icon
  • You will then see your domain name and an option to Activate Free SSL next to it - select this and the SSL will be applied to your domain
  • If you’d like all your visitors to use SSL connections (i.e. for HTTPS to always be used - recommended), simply select the Enableoption at the bottom of the page.

Once the SSL Certificate has been activated, it will take up to 30 minutes to secure your website. This is due to the changes needed to be made on our load balancers.

Move to CMS Wales today!


Choice of Three Web Hosting Platforms:


Linux Hosting
(from £3.99/month)

Our high-powered Linux platform is ideal for running everything from Joomla! to Magento. If you’re not sure what kind of hosting you need or what kind of website you want, Linux is the best choice. It’s fantastic out of the box, but we’ve made it even better.



Windows Hosting
(from £3.99/month)

We’ve designed a solid Windows platform to meet all your web hosting needs. Always up to date – We use only the latest Windows hosting technology for our platform to ensure you’re always benefiting from the very latest features and improvements.



Wordpress Hosting
(from £3.99/month)

If you run WordPress, you’ll want to take advantage of our bespoke WordPress platform. It’s optimised specifically for WordPress speed and security with lightning fast StackCache caching, MySQL resource handling, and automatic WordPress core updates.


All of our hosting Storage is 100% SSD.

100% Uptime Guarantee on all Hosting Plans

Hacked Site Help

Hacking is common.

We lock down the site clean compromised files, then secure the site against future hack attempts.

Many people are simply far too lax about online security, with many having no security at all, or at best using free security software that is, in most cases, nothing but "eye candy". Some of the worst offenders are MAC users, living with the mistaken belief that "MACs don't get viruses" - read on and I will explain why that is SO not true...

Many years ago MACs were very expensive and very rare - usually only used in the DTP industry, and then rarely connected to the internet. Due to that rarity, virus and malware writers had no real MAC user-base to target. So they wrote their nasty viruses and trojans exclusively for PCs. This led to the belief (still held by many) that MACs do not need security software because MACs don't get viruses...

While this may have been true 10 years or more ago this is really not true now - because MACs now sell in VAST numbers, and, rather than just sitting in DTP offices, they are now all wi-fi ready, constantly connected to the internet and for many are now "the" trendy item to have.

This has resulted in ratio of PCs/MACs now being very similar - so the virus writers and hackers now target BOTH markets equally...

If you have a website these days it is most likely a CMS (Content Management System) such as Joomla or Wordpress.

Just as with any computer operating system such as Windows or OS, all available updates to your CMS software and its plugins should be applied as soon as they are released in order to minimise security issues.

Neglecting this constant monitoring and updating leaves out of date websites facing serious security risks.

Outdated versions can be prone to the very latest viruses and malware, so you need to keep everything right up to date at all times to avoid the most recent threats.

Unfortunately many website owners forget about their websites during the Christmas and New Year holidays, leaving many websites outdated and insecure, with many website owners coming back to work in the New Year only to find their sites have been hacked during the holidays.

You are now logged out from CMS Wales

You have now been logged out.

Thank you for using our services. We hope you managed to achieve everything you needed to do....

If you had any problems please let us know here: Contact CMS Wales

Thanks again and come back soon...

As you will all know by now, people all over the UK are experiencing either complete loss of broadband, or intermittent faults such as emails failing to send, web sites not being found, calls from friends or colleagues saying they are unable to email you (often suggesting this is your fault - don't be angry with them, this just means they are unaware the UK is under attack by the "Mirai Worm Botnet" and it is highly likely their router is infected).

Instead, share the following information with them and encourage them to check their own ISP's outages map at  - I guarantee their ISP will be showing faults nationwide... (because they ALL are)

So, everyone needs to relax a bit - there is nothing you, or anyone else, can do about these issues at this time - although I will share some information later in this article that may help you mitigate the issues you are experiencing for a while at least...

What is this Privacy Policy for?

This privacy policy is for this website [ ] and served by CMS Wales and governs the privacy of its users who choose to use it.

The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore the way this website processes, stores and protects user data and information will also be detailed within this policy.

The Website

This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies to all UK national laws and requirements for user privacy. This website also uses SSL Encryption for all traffic between the visitors and our servers.

Use of Cookies

This website uses cookies to better the users experience while visiting the website. Where applicable this website uses a cookie control system allowing the user on their first visit to the website to allow or disallow the use of cookies on their computer / device. This complies with recent legislation requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user's computer / device.

Cookies are small files saved to the user's computers hard drive that track, save and store information about the user's interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.

Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.

This website uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information. You can read Google's privacy policy here for further information [ ].

Other cookies may be stored to your computers hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.

Contact & Communication

Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the Data Protection Act 1998. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.

This website and its owners use any information submitted to provide you with further information about the products / services they offer or to assist you in answering any questions or queries you may have submitted. This includes using your details to subscribe you to any email newsletter program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process. Or whereby you the consumer have previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to. This is by no means an entire list of your user rights in regard to receiving email marketing material. Your details are not passed on to any third parties.

External Links

Although this website only looks to include quality, safe and relevant external links, users are advised adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites, similar to;

The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Adverts and Sponsored Links

This website does not contain sponsored links and adverts for 3rd parties. Any links or adverts on this website are for our own products or services only.

Clicking on any of our adverts, such as those for our e-Books, will send you to the Amazon website which may use cookies to track the number of buyers sent from this website. This may include the use of cookies which may in turn be saved on your computers hard drive.

Social Media Platforms

Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.

Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.

This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.

Shortened Links in Social Media

This website and its owners through their social media platform accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy urls [web addresses] (this is an example:

Users are advised to take use and good judgement before clicking any shortened urls published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine urls are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.

Related Documents

Please also see our Terms & Conditions


v.3.2.4 - 27th April 2018 - CMS Wales, Sychpant, Velindre, Crymych, Pembrokeshire, SA41 3XD

With scammers and hackers operating at an all time high we all need to do everything we can to keep our computers and devices safe. Many scammers will send attachments via email which, once opened, will infect the host machine and allow the scammers to take control of your computer. Here is a list of attachments you should never open...

If you receive an email with any of the following e-mail attachments, you should never open it, regardless of where the email came from or who sent it to you. Malicious e-mail attachment are the most common method of infecting a computer. Always check the file extension of an e-mail attachment, because it can be disguised as a "Word", PDF or other legitimate document, so double checking is vital.

Here is a list of possible e-mail attachments and their extensions that you should be very wary of:

If you use a CMS (Content Management System) such as Joomla or Wordpress you have the option to manage your own website via an Admin interface without needing the technical expertise normally associated with HTML only websites, where you would need to learn how to code in HTML, JAVA and PHP.

Instead, with a CMS such as Joomla or Wordpress, you use a WYSIWYG editor from inside the Admin Area to make changes to your pages, much in the same way you might edit a Word document.

While this makes things much easier for you, or your staff, to keep your website content up to date, many site owners neglect the "other side of the coin", which is the monitoring and updating of the CMS itself, and its components, plugins and modules (i.e. the "system" required to run your website).

This leaves out of date websites facing security risks.

Imagine waking up one morning, opening your laptop and realising you can’t access your online accounts anymore. Your email has been breached, your website, your most precious work and personal data, all gone! and your credit/debit cards have been used to empty your bank account...

Could it have been prevented?

If you were using Two Factor Authentication (2FA) the above scenario would be far less likely...

What is Two Factor Authentication?

Its purpose is to make an attackers’ life harder and reduce fraud risks. If you already follow basic strong password security measures, two-factor authentication will make it much more difficult for cyber criminals to breach your account.

It has recently come to my attention that several of my clients have been approached by rogue "SEO Companies" offering to "fix" their sites for a fee (often an extremely hefty fee too).

Here is some information that will help you be prepared against such rogues...

I cannot stress enough just how important it is NOT to let anyone claiming to be from an "SEO" company insert "landing pages" into your website...


Basically "landing pages" are pages, which are written by the SEO company rather than by yourself (and Google WILL notice the difference) in order to try and fool a search engine into thinking that the page is more important in your site for certain key phrases, than any other part of your website.

Many companies run systems that require the use of passwords by their staff or members - examples being offices running a computer network, websites that allow members to sign up for extras like Newsletters or online shopping, or Hosting companies with customers that need access to cPanel, mailboxes or FTP etc.

While the company involved may the the precaution of initially setting a strong password for each new user - many of these systems will then allow the user to change their password to something easier to remember - and this is where the danger lies...

Once a user resets their password for something simple, like their pet's name, or place of birth, their new password is now the weak link in your security chain.

Users that do not take the time to manage their own strong passwords are also highly likely to use the same password across multiple networks and websites - making it even more likely that their password will, sooner rather than later, be compromised. And once that happens, even the least talented hackers will have a field day with every system that user has access to - including your business.

I am noticing an alarming increase in the number of queries I am getting from people who have used WordPress to create their websites, and then things have gone horribly wrong, usually because they have been hacked and their site is now irrepairable.

Sometimes however it is because they have vanished from search engines since uploading their new free website, whereas they had been doing well in the search engines with their previous custom site.

I understand why people are tempted by a system such as WordPress that will allow anyone, with no design skills or coding experience whatsoever, to create a free website in just a few minutes with no effort required on their part.

Who doesn't like free? Who doesn't like something for nothing? Perfectly understandable...

But offering visitors to your business website a cheap website that looks exactly like thousands of other websites, just tells your visitors you do not care about their needs and will probably also be cutting corners wherever possible in all other aspects of your business, and therefore are best avoided.

So for anyone even considering setting up a WordPress website for their business let me explain why you should stop right there...