Are you secure? Of course you are! But what about your website?

When it comes to website security one of my favourite collaborators is the man to talk to…

I have been lucky enough to work with business owner, developer and website security specialist, Krzysztof Dryja over the years on a range of websites, and consider myself very lucky! Meeting Krzysztof came about in one of those serendipitous moments that alter your professional life. I was project managing a high profile, time-sensitive and challenging website and needed a developer with a very specific set of skills. Through an online network, I reached out to Krzysztof and we began working together on the project.

His technical knowledge and supreme communication skills made working with him one of the best professional experiences of my 20+ year career and each time I work with Krzysztof I am deeply grateful for his exceptional skills, input, and his professionalism, which never fail to positively impact on all projects we collaborate on. 

Krzysztof Dryja, Founder of Aspexi Ltd.

He began his programming journey in secondary school, at first website development and programming were hobbies and then he became involved in professional projects. Very soon it became a full-time thing and he hasn’t looked back since! Krzysztof continuously works with a range of clients and positive feedback about his work and communication skills and professional approach are nothing new to him.

He formed his company Aspexi in 2010. Prior to that, he had spent more than five years working on web application development. Since 2010, he has also founded another company AMarket Ltd and is involved in various other projects such as and

The Aspexi team works with WordPress Content Management Systems (CMS), and work with solutions such as Magento 1/2 or CS-Cart and have created their own WordPress plugins. The team is experienced with Node.js / React and similar frameworks and the core team is made up of three experienced developers including Krzysztof, and they too work with freelancers or designers.

A couple of fun facts that I found out recently is that both Krzysztof and Matt (another developer team member) are members of Mensa Society and that their plugins have been installed on more than 50,000 websites overall. The company’s short to mid-term plan is to extend their services such as plugins, and having started offering professional WordPress website security and backup services this year they are looking forward to a wider range of projects and clients.

RecentlyKrzysztof and I were chatting about a project and the topic of website security came about. In an age where data breaches are common headlines, where even the smallest of businesses need to take into consideration data protection, (especially with the event of GDPR coming into effect on 25th May this year) many companies are talking about. It’s a subject that although feels like it might need a technical background to join in with, is essential for business owners to be aware of. I asked Krzysztof a few questions on the subject of website security.

DigitalEnablr:  What do you find surprising about website security when working with clients?

Krzysztof:  A very low awareness, unfortunately, we meet clients who have had their websites hacked and who are not even aware that it has happened. That’s always an issue and may cause real issues and higher costs in relation to exceeding server resources. By talking about case studies on the website we are hoping to change that and make website owners more aware of the risks and how to protect their websites.

Photo by Tirza van Dijk on Unsplash

DigitalEnablr:  How much can the ignoring of website security impact a business? Why are websites are attacked and hacked

Krzysztof:  There are a couple of reasons, including:

  • Hacked sites can use web server resources to send SPAM emails or bitcoin mining
  • Phishing: via a hacked website a hacker can send malicious or fake emails with an invoice to your accountant or to a customer who may believe this is a real invoice from the company and could then make payment to the wrong person.
  • Ads and SEO. Your website could become a tool for promoting illegal products such as drugs. A common hackers’ practice is to make these changes invisible to a site owner. In one example we had a Drupal website customer recently whose website looked okay but when a user visited the site for the first time from a mobile device, it was immediately redirected to the well-crafted fake mobile site with warnings and links telling the user that a mobile app had to be installed immediately. These messages were appearing just to the first-time users, making the hack almost invisible to the website admin. Luckily we detected the malicious code and took the appropriate actions.
  • Hacked websites can be encrypted and become unavailable until you pay the hacker. This is where backup systems help a lot if implemented.
Photo by Gilles Lambert on Unsplash

DigitalEnablr:  What do you find business owners are least aware of when it comes to the topic of website security? 

Krzysztof: As mentioned previously, the attacks are well crafted and in most cases are meant to be invisible to the website administrators. Also, website owners often don’t understand how important updates or backups are until they get hacked or lost their website and database.


DigitalEnablr:  How are you finding this is being highlighted with the advent of GDPR?

Krzysztof:  The implementation of GDPR laws show how important to protect your website and the data you have. There are no 100% solutions. Even big corporations such as Google or LinkedIn were hacked in the past, however; the more you do the better. Keeping your website up-to-date and monitoring your website’s security should be a minimum action to avoid issues with GDPR compatibility.


DigitalEnablr:  I imagine that for a lot of business owners, the prospect of making a website secure may seem costly, how do you help business owners take on a website security project so that it is a project that works best for them? 

Krzysztof:  For computer-savvy admins, we’re always happy to help them install security plugins and set up a backup system on their own. This way they can minimize the costs. Unfortunately, work related to site monitoring or updates has to be done to keep a website secure and takes some time hence costs involved are unavoidable. However, this is definitely worth doing to avoid potential greater costs related, for example to website cleaning after a hack.

DigitalEnablr:  What challenges are biggest when approaching a website security project – for you and for business owners?

Krzysztof:  Website security is quite a complex and demanding topic. There are known cases of popular and highly rated WordPress plugins causing issues by changing websites to bitcoin miners. There are tools that website administrators use for protecting their websites but there is always a risk that there are zero-day attacks (attack or software used before the fix is implemented to known security holes) that can make these tools useless.

Another issue is basic passwords that can be easily guessed and used. It’s very important to use long and non-standard passwords.


DigitalEnablr:  Have you got examples of helping out when it was too late? How do you help companies that have had a data breach?

Krzysztof:  Unfortunately yes. In these cases, we check if backups are available and that they aren’t infected. If so, the restoring or cleaning of the website is fairly quick. Otherwise, we analyze if cleaning a badly infected website makes sense. There are cases where we have recommended rebuilding the website from scratch with security monitoring included.

In many cases, we also check how the hacker gained access to the website. There are many different known reasons such as out-of-date WordPress core or plugins, badly written templates or weak passwords. With that information, we can even better protect new sites.


DigitalEnablr:  What feedback and comments have you had from clients following the completion of a website security project? What surprising outcomes have website security projects created that the business owners/ you weren’t expecting if any?

Krzysztof:  In each case a business owner’s awareness of website security increases. That’s really positive. Sometimes this has created some super vigilant website owners who began tracking user logins themselves, and even when we were logging in to do our service work they were double checking if that was us or someone else. It’s great to see how a negative situation can become a learning point!

If you’ve got a website project in mind why not get in touch with Digital Enablr or if it is a matter of website security one, why not contact Krzysztof at Aspexi. 

Discover a new collaborative way to improve your digital marketing

I have been working with the fantastic team at RangeRoom a fashion-tech start-up based in London’s Shoreditch area.

Screen Shot 2018-04-27 at 13.56.11

Working with start-ups I discovered is one seriously rewarding experience. Their ability to respond to challenges and to client requirements often left me breathless with admiration. Here’s what RangeRoom CEO & Founder, Brendan Baldrey said about RangeRoom’s experience of working with DIGITAL ENABLR:

“Laura joined us relatively early in our journey as a fashion tech start-up. She rolled up her sleeves and got stuck in immediately. Her curiosity and ability to listen meant that not only did she understand what we offered as a Saas platform (despite our default & complex industry-speak) she also quickly understood our tone of voice and company culture and how that would inform everything she did with us.

She helped us across our strategy – from looking at how we spoke to our audiences, building a strategy around owning our messages and identifying which channels would work best for the various audiences that we speak to. And more importantly how we could build campaigns that were measurable and could drive better results and more accurate learnings about how to evolve our digital marketing, quickly. The combination of Laura’s expertise and the authority that brings along with her lovely manner, energy and soft skills meant that she became seamlessly embedded with the team, making the collaboration really easy and respectful.

Laura joined us 2-3 days a week as our Digital Marketing guru and revolutionised everything about how we approached our digital marketing. With her experience, she was able to, not only build a very robust strategy but was equally capable of getting really granular and educating the team on new tools or processes we would need to sustain our digital marketing progression. This ability – to see the big picture as well as pick out important details – gave us a robust view of what we needed to do. Laura has enabled us to do this with both authority and has both nurtured and encouraged us – which is invaluable. Laura doesn’t have a ‘consultancy’ approach – she is very much about collaborating on projects that drive results, educating the team to be self-sustaining and confident.” Brendan Baldrey, CEO & Founder

For more information, or talk to Laura directly on 07946 758710.