Website Replatforming Services

The Vendor is required to provide to replatform our existing website. Our current website is built on outdated technology that poses increasing security and performance risks.
- Aims to rebuild the site in a modern, secure, and maintainable environment while preserving the current content.
- Suggest a platform for the website to be built on
•    Set up a new installation in a secure hosting environment without taking the current site offline during development.
•    Reproduce the current design and overall look & feel, with minor updates to sub-page layouts (no full redesign).
•    Implement responsive, mobile-friendly design standards.
- Content Migration
•    Migrate all existing visible content as-is.
•    Exclude any pages not accessible via navigation or internal content links.
- Secure Member Directory
•    Implement authentication (username/password) to restrict access to the directory.
•    Ensure the directory is not indexed by search engines
•    Protect all data in transit with HTTPS encryption.
•    Ensure user credentials are stored securely following best practices (hashed and salted).
•    Provide the ability for administrators to manage user accounts and access levels.
•    Allow users to make updates to their directory listing (only their own directory listing. The administrator is the only one who may update all directory listings.)
- Hosting and Security Requirements
•    Data encryption for all sites
•    SSL certificates with automatic renewal
•    Automatic core updates to the chosen CMS
•    Multiple layers of protection:
o    Firewall
o    Malware scanning
o    Real-time threat detection
o    Intrusion prevention/detection
o    Brute-force attack protection
o    DDoS protection
o    Single-port database access restrictions
•    Plugin vulnerability monitoring with alerts to the support team
•    Advance notice of selected platform security releases (if using a managed platform such as WP Engine)
•    Quarterly third-party penetration testing
- Hosting and Support Contracts
•    Must include full hosting contract details, including:
o    Hosting provider name and data center locations
o    Service Level Agreement (SLA) uptime guarantee
o    Backup policies and retention period
o    Disaster recovery procedures
o    Security monitoring and response protocols
o    Update and patching schedules
•    Must include ongoing support contract details, including:
o    Support hours and contact methods (phone, email, ticketing)
o    Response time guarantees for different severity levels
o    Scope of support (e.g., plugin updates, theme updates, troubleshooting)
o    Process for escalation and resolution of issues
o    Costs for ongoing hosting and support (monthly/annual rates).