Eduardo Hotta
4 min read

Choosing a web developer can be a tricky task but ensuring you find the right one, who will maintain a secure (as well as beautiful) website, is key. We have compiled a list of top security-related questions you should ask your web developer to ensure they are going to protect your website.

Subscribe to our Blog

What platform will my site be built on?

These days, there are lots of software for web developers to build websites on… including Magento, Wordpress, Shopify and many more. Choosing the correct web platform is essential to suit your company, as they are the building blocks your site will be built on. As with everything these days, there are pros and cons to each platform, so you'll want to check out which one your web developer is using and their reasons why.

Do we have any anti-virus running on the host server?

It's a good idea to discuss with your web developer about who is going to manage the security side of your website and set our clear rules before the building of the website even starts. Typical questions to ask are. Who maintains it? And how often will it update? Who acts on any alerts raised?

What’s your area of speciality?

Like everyone, web developers have speciality areas. Some will specialise in larger eCommerce sites, and some more niche independent sites. Be sure to find someone with experience in the size of your business and what you're looking for to ensure the best website.

Who is responsible for patching the environment and keeping it up to date?

Be sure to check when it was last done, and if you're not clued up on security, check how often it needs to be done, as well as newly released patches and how quickly they can be implemented.

Will the website be fully editable?

If your company is wanting to be able to make changes to the text, banners, images and other features it's essential you need to establish this up front. It's usually down to your wants and needs and is always a good idea to discuss with your web developer being any work begins.

How long is your web development process?

Good work takes time. Web development can take from anywhere to 1 month to 1 year, depending on the brief supplied. Working with your web developer to produce a timeline is the most efficient way to ensure the work is completed around the date you had in mind.

Will you test my website for common vulnerabilities, if so... how?

Make sure to ask your web developer this one. It is key to ensuring a safe and secure site. Key questions to ask do we use default error pages or custom ones? Are our administrative log in pages publicly accessible? If we have any apps we aren't using, are these disabled?

Is logging enabled? Are we logging web access logs, administration access and change logs?

Check out how the logs are maintained, and who has access to these files too. Can they be manipulated? Does anyone monitor the logs of suspicious activity?

Do we have any intrusions detection systems in place?

Who is expected to monitor and check these?

What examples do you have? May I speak to your clients?

Don't just take your web developers word. Ask to see previous work they have achieved, and get in contact with their current and former clients. Undergoing a new website is an exciting, yet extremely stressful time for most companies, especially if you have a small team.

Is the environment protected from all known threats?

Are we implementing a Web Application Firewall (WAF) or any Firewall on the host server/eCommerce site?

What is the end-to-end expected cost?

Websites are an investment. In the long run, having an awesome website will bring you more traffic, therefore more sales, so trying to find the cheapest web developer doesn't set you in good stead. A good web developer will be able to outline the costs to give you a rough estimate of the sort of price you are looking at.

How much involvement will I have?

This question is solely up to the individual. It depends completely on how much involvement you want to have in building the site.

What tactics will you use to ensure the site is SEO friendly?

SEO (Search Engine Optimisation) refers to the steps taken to ensure your website appears on google searches + other internet search engines when your key terms are searched. SEO isn't something that can just be added, and work effectively. To ensure SEO works at its maximum capacity, be sure to build it into the foundation of your site.

How many websites have you built?

Experience is everything. When it comes to website design and development, it's key to ensure your developer has a good few years of experience.

What research do you complete before starting the website design?

A great web developer will get a background on your company, your place in the market and target audience so that they can build a website which fits your company's exact brief, target market and audience.

Whatever your brand or company, getting a good web developer on board will ensure you have a great website for the world to see!

If you'd like to download our Top Questions to ask your Web Developer click the download button below. Anything else troubling you? Drop us an email at

Download Infographic 

Contact Us

Access cybersecurity advisory services


Eduardo Hotta

Eduardo Hotta is the Head of Marketing at Foregenix. He's passionate about sharing the best cybersecurity information to companies of all sizes, so they can protect themselves from threat actors.

See All Articles

Subscribe to our blog

Security never stops. Get the most up-to-date information by subscribing to the Foregenix blog.