Web designers typically charge about $70-$120 / £50-£90 per hour. Searching around the web you can find cheaper but always good to check why. The average set up, design, build and content creations for a basic website can range between $1000-$10,000/£1000-£8000. This heavily depends on if you are providing your own content/images, how complex the site is and the skill of the agency or freelancer.

How Much Do Web Designers Charge?

Web Design Hourly Rate

Freelance web designers with a modest amount of expertise make about $75/£50 per hour on average. This number, however, may vary according to CSS-Tricks.

Codeable boasts over 500 WordPress designers and developers worldwide and offers the ballpark figure of $70–$120 / £50-£90 per hour.

Here at Marketing the change, we work on an average of $80 per hour however we very rarely use an hourly rate unless we run into an ongoing project that is extremely complex.

There are a number of factors that can affect an hour rate

  • How long the web project will take – depending on how long the website will take to build can impact the hourly fee of a developer. A long project will often be more complex but they will provide more hours overall. Smaller projects are normally easier to complete but will leave the expert needing to find more work quickly.
  • Passion Project – If the developer has an interest in your company or business cutting their hourly rates might be something they are willing to do as they enjoy your brand. Here at Marketing the Change we often do this with charities, churches and startups as we love to give back with discounted rates or our Giving Back Grants.
  • The complexity of the Website – Building a simple business site or building a complex membership app requests two very different skill sets and prices will match accordingly.
  • The number of pages – Many pages to create equals more work. Blogs and e-commerce components, for example, might be more expensive.
  • Repeat client – Some web designers will charge a new client less to get the job started, but this could lead to trouble in the future.
  • Clients tech skills – Working with clients who struggle to open their emails or send content when needed takes more time.
  • If the client is providing content – If you as the business owner are providing all the content and images its a lot less work for the web designer who would normally have to source images and hire a content writer.
  • Framework – If you have a current website built on a unknown or outdated framework then a higher hourly rate could be used. Here at Marketing the Change we do charge extra if you have a non-standard website build.

Flat Rate Web Design

Hours rates are good for very small projects or projects that are hard to scope out but overall we suggest fixed-price projects. This allows you to know what you are spending before anything is signed. And

With a fixed price no nasty surprises when the work is done.

Here at Marketing The Change we typically charge a flat rate for web design projects, this way you know exactly what your budget will be and planning becomes much easier.

For larger custom builds or projects that require more time from our designers then hourly rates can apply. In this type of project we will work off milestones and goals to make sure you are in the loop and hours are tracked.

e a designer to build a website?

Josh Morley

I have been designing & marketing websites since 2013. I specialize not just in WordPress web design but also in online marketing. SEO, PPC, keyword research, link-building and most recently on lead acquisition for local businesses.

2021 Web Design in Liverpool – A Year in Review.

Every year we like to look back on the year.

Where we were, where we are.

Past projects & clients.

What goals did we hit, what did we miss?

How about you where were you a year ago?

How was 2021 for you and your business?

As a web design agency based in Liverpool we work with clients and customers all over the world. It is always interesting to get feedback from the community and what people thought about their year.

Was it a year that lived up to your expectations or was there too much hype, did your business thrive or not?

How do you see the future shaping up in 2022?

Let us know!

Last year we worked on 491 projects

That’s 1.3 projects a day.

9.4 projects a week

or 40 projects per month.


Some of these projects were small fixes, maintenance or minor tweaks others were full website build, SEO and massive a few massive multi-site builds.

An amazing thank you to our team! We could have done it without you.

And thank you to all our amazing clients we look forward to supporting you in 2022.


Josh Morley

I have been designing & marketing websites since 2013. I specialize not just in WordPress web design but also in online marketing. SEO, PPC, keyword research, link-building and most recently on lead acquisition for local businesses.

If you got an email this week from Godaddy, Domains PricedRight and other Godaddy Reseller tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet Host Europe or another Godaddy company (Wordfence) you could be one of Godaddy’s 1 Million customers who were involved in a data breach.

I recently had a number of customers reach out to me regarding this email that was sent last night.

Depending on if you had a Managed WordPress account the email was slightly different.

If you previously had a managed Godaddy account it will say something like

We are writing to inform you of a security incident impacting our GoDaddy Managed WordPress environment you once purchased and used. According to our records your Managed WordPress account is no longer active. 

The web hosting business announced Monday that it had been hacked, and yes, customer data was taken.

The email goes on to say:

On November 17, we identified suspicious activity in our WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and have contacted law enforcement. Our investigation is ongoing, but we have determined that, on or about September 6, 2021, an unauthorized third party gained access to your customer number, email address associated with your previously used Managed WordPress account; and the password you first used when setting up your WordPress Admin login.

If you use that same password for other accounts, we recommend you change your password to those accounts and adopt data security best practices, such as choosing a strong unique password, regularly changing it, and enabling multi-factor authentication where available. We also recommend that you remain vigilant for potentially fraudulent communications sent to your email address purporting to be from GoDaddy or other third parties.

For residents living in California, Colorado, Delaware, Illinois, New York, New Jersey, Oregon, Vermont, Washington, and Wyoming, please visit https://www.godaddy.com/help/a-41004 for additional resources that describe additional steps you can take to help protect your information, including recommendations by the Federal Trade Commission regarding identity theft protection and details on how to place a fraud alert or a security freeze on your credit file.

Thank you,

Demetrius Comes

Chief Information Security Officer

It was only recently that Godaddy discovered it had been hacked but it happen a month ago.

The firm claimed in a filing to the SEC that someone gained access to its Managed WordPress hosting environment back in September, but that it only recognized something was wrong last Wednesday.

“We are sincerely sorry for this incident and the concern it causes for our customers,”

“We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down.”

Godaddy Customer information that was compromised:

  • Email addresses
  • Customer numbers
  • Original WordPress administrator level passwords
  • Secure FTP (SFTP) usernames and passwords
  • Database usernames and passwords
  • SSL private keys

So If you had one of these emails or are concerned about what should you do next?

Beware of Phishing emails and Call

Phishing is a kind of social engineering assault that is used to get people’s login information and credit card numbers. When a victim is fooled into opening an email, IM, or text message sent by a seemingly trusted individual, it is known as phishing. Now that a hacker may have some of your personal information you may receive a call or more likely an email claiming to be from Godaddy. Be very careful with any sales calls from Godaddy and feel within your right to put down the phone and call back to double-check it was a real call.

Change your WordPress Admin Passwords

Having an unauthorised person have access to your WordPress is a scary thought. It is suggested that you change your password every three months. If you want added security adding a 2FA or login detection. This can put your mind at ease to know who is logging in and when.

Do a WordPress security check and add an audit log

With this recent news, we would suggest doing a WP Security audit to see if anything is a miss. Although this post cant go through everything that is needed to be checked here’s a few things to look out for:

  1. Admin roles kept to a minimum
  2. All admins have strong passwords
  3. Plugins Updated and still in lifecycle
  4. The theme has been updated and still in lifecycle
  5. Plugins and theme both are unchanged
  6. File permissions are set correctly
  7. Code is secure
  8. Database is clean

Securing a website is a big task and if you would like some help reach out to us.

Change your sFTP and FTP logins

During this hack, your sFTP logins may have been accessed so this is as important as changing your WordPress passwords. With FTP a user can access every file of your site and malicious code and even create a backdoor so they can log in directly.

Change the database username and password

Update both the phpmyadmin’s username and password this can be done via Godaddy’s admin panel

Check card details

Godaddy has said “Please note that, to date, our investigation has not revealed any evidence that the unauthorized third party had access to credit card information, or any other financial information” However it is best practice to look over any cards connected with Godaddy just to be on the safe side

Move from Godaddy

First to be fair Godaddy is not the only host that has suffered a security issue and they won’t be the last. The fact it to took them so long to realise is concerning. If you are looking to move to another host feel free to reach out to us and we can make some suggestions and help you in the moving process.

The GoDaddy Managed WordPress data breach is likely to have significant repercussions. The SEC filing says that “Up to 1.2 million active and inactive Managed WordPress customers” were affected. The data breach potentially affects people who use those sites, which means the number of affected individuals is much larger.

Anyone who uses GoDaddy’s Managed WordPress solution should assume their sites have been hacked until further notice, and should follow the measures outlined in this article.


Godaddy Office

Josh Morley

I have been designing & marketing websites since 2013. I specialize not just in WordPress web design but also in online marketing. SEO, PPC, keyword research, link-building and most recently on lead acquisition for local businesses.

Facebook AI Images

Facebooks recent photo outage has given a lot of people a chance to see behind the curtain of Facebook’s artificial intelligence. More specifically how it views them and their images.

Reading other people’s experiences I saw Facebook describing people as ‘Basic’ or ‘Man with a beard’ Looking through my friend’s accounts it was scary how accurate some of the descriptions were.

So I jumped over to my personal profile to check what Facebook thought of me.

I was disappointed to find my profile image loading as normal.

However, there is more than one way to peer behind Facebook’s curtain and discover what it thinks of your images.

In Chrome right-click on an image and then click inspect

You can then read what Facebook thinks about your image even if it’s not broken


Facebook’s AI reads my profile picture as “your profile photo, Image may contain: Amy Faith Morley and Josh Morley, people smiling, outdoor” which is correct even down the to smiling.

You can do the same on Firefox


Internet Explorer




Josh Morley

I have been designing & marketing websites since 2013. I specialize not just in WordPress web design but also in online marketing. SEO, PPC, keyword research, link-building and most recently on lead acquisition for local businesses.