AI, DIY, and the Care Plan

You know that moment when you think, “I’ll just update this myself”?

This morning, my fellow web developers and myself had a conversation about clients who prefer to take on their own website maintenance. To be perfectly honest – some (the ones with a technical background) do a good job. But for most clients it ends up being an “out of sight, out of min” problem, and no regular maintenance actually takes place. And their website will be absolutely fine… until it’s not. Jeff put it this way:

“I guess they can be on a care plan, or on an I-don’t-care plan.”

Plugin updates are easy to do, and even creating your own code is getting easier with the help of AI. What could possibly go wrong?

Today’s discussion was sparked by this article on Dark Reading: AI-Generated Code Poses Security, Bloat Challenges. Research conducted by application security firm Veracode found that AI-generated code contains security flaws about 45% of the time. That’s a coin toss! I can’t recommend leaving your business assets up to that kind of chance.

About Care Plans

A website care plan is designed to work as insurance for your business website. If the site goes down, it is our responsibility to make your site accessible again as fast as possible. And we can do that, because we invest into a robust structure with 3 different methods to keep backups, a variety of monitoring tools and more.

Even small, well-meaning changes can lead to broken pages or hidden vulnerabilities. Plugins that don’t play nicely together, scripts that stop talking to each other, or security gaps that you won’t see until it’s too late. You could be fine for months (or even just seemingly fine) and suddenly, that “quick update” becomes an unexpected outage and you spend your Thursday night frantically googling.

A Quick Real-World Example

It’s not often that a plugin update breaks a website completely, but it does happen. As was the case less than two weeks ago by the way. A plugin that we’ve used on a handful of our clients’ sites malfunctioned and every one of those sites went down, displaying only the dreaded “There has been a critical error on this website.” error message. I got the email notifications from our uptime monitors on my phone, headed straight back to the office and spent the next hour getting recent backups of the affected sites back up and running until the root problem can be fixed, and sent a quick email report with the details and next steps to each client.

Here’s one of the emails I got back:

“Thank you so much for that!!! No, at this time we are not actively using this functionality, so its fine! THANK YOU THANK YOU!!”

Scare tactics?

But… I don’t want to sound like a fearmonger! Risk assessment and contingency planning is part of running a business. It’s valuable to have someone who knows your site and can fix it when things go sideways, with steady maintenance, quiet reliability that you can budget for, and fewer surprises.

I’ll close with this thought: This isn’t supposed to be scare tactics. I believe in care tactics 🙂