Website Downtime: What It Really Costs Your Small Business

Your website is your business’s front door. When it is locked — whether by a hosting failure, a cyberattack, a DNS misconfiguration, or an expired certificate — customers cannot get in, and many will not come back.

Website downtime is one of those problems that is easy to underestimate until it happens. Then the costs become very real, very quickly.

What “Website Unreachable” Actually Means

When a website is unreachable, it can mean several different things technically:

The server is not responding — the hosting is down, overloaded, or taken offline
DNS failure — the domain is not resolving (see our post on domain not resolving)
SSL certificate expired — browsers block access with a full-screen warning, making the site effectively inaccessible even if it is technically running
DDoS attack — the server is overwhelmed with malicious traffic and cannot serve legitimate visitors
Cyberattack or ransomware — the server or data has been compromised and the site has been taken offline deliberately or as a consequence

Each has different causes and solutions, but the effect on your business is the same: customers cannot reach you.

The Real Cost of Website Downtime

The cost of downtime is often discussed in the context of large enterprises — where the average cost per minute can reach thousands of pounds. Those figures do not apply directly to small businesses, but the proportional impact can actually be higher.

For a small e-commerce business taking £5,000 in daily revenue online, a 24-hour outage is a direct loss of £5,000 in sales — plus the indirect costs. For a professional services firm, it is enquiries that go unanswered and prospects who quietly find a competitor.

Lost sales. The most direct cost. Research by Akamai found that 40% of users will abandon a website that takes more than three seconds to load — for a site that is completely unreachable, abandonment is near total.

Damaged search rankings. Search engines crawl websites regularly. Repeated downtime signals an unreliable site. A website that Google finds unavailable repeatedly may see its rankings drop — and rankings are hard to recover.

Customer trust. A survey by Pingdom found that 91% of respondents said website performance directly affected their opinion of a business. An unreachable website — especially one with a full browser security warning about an expired certificate — undermines confidence in ways that take time to recover.

Support burden. When a website goes down, customer service enquiries spike. Staff time is diverted to handling “is your site down?” calls rather than productive work.

The Most Common Causes for Small Businesses

Hosting issues. Cheap shared hosting is disproportionately vulnerable. When one site on a shared server experiences a traffic spike or a malicious bot, all sites on that server can be affected. Quality managed hosting significantly reduces this risk.

Expired SSL certificate. Let’s Encrypt certificates expire every 90 days. If auto-renewal fails — due to a server misconfiguration, hosting change, or DNS issue — the certificate expires and browsers display a full-page security warning. Many visitors will not click past it. See our guide on HTTPS and SSL certificates for more.

DNS misconfiguration. A DNS change made without care, or nameserver details not updated after a hosting migration, can take a site offline. DNS changes can take hours to propagate, meaning a mistake can cause extended downtime even after correction.

Cyberattack. WordPress sites, e-commerce platforms, and any publicly accessible application can be compromised. The aftermath of a breach often involves taking the site offline for investigation and cleaning — sometimes for days.

DDoS attack. Distributed Denial of Service attacks flood a server with fake traffic until it cannot serve real visitors. A CDN like Cloudflare (free tier) provides significant DDoS protection and can serve cached pages even when your origin server is under attack.

Plugin or update failure. On WordPress and similar platforms, a failed update can take a site offline. This is why staging environments and tested backups matter.

What to Do Next

Set up uptime monitoring. You should not find out your site is down because a customer tells you. Free tools like UptimeRobot monitor your site every few minutes and alert you by email or SMS the moment it goes offline. There is no reason not to have this.
Monitor your SSL certificate expiry. Set alerts for 30 days and 7 days before expiry. Most monitoring tools do this automatically.
Use quality managed hosting. A few extra pounds per month for managed hosting with SLA-backed uptime, daily backups, and a responsive support team is worthwhile insurance.
Keep a tested backup. If your site is compromised or a bad update breaks it, a recent backup is the difference between hours of downtime and days. Test that backups can actually be restored.
Use a CDN. Cloudflare’s free tier provides caching, DDoS protection, and serves cached pages even if your origin server has a brief outage. Many small business visitors will not notice a short hosting issue at all if Cloudflare is serving cached content.
Have a recovery plan. Know who to call and what steps to take when your site goes down. A simple checklist — hosting support number, registrar login, DNS settings, backup location — can save hours.

W3IT’s free security check checks whether your website is reachable, whether your SSL certificate is valid and not near expiry, and flags DNS and configuration issues that commonly cause outages. Run it now — before the problem finds you.

More on Security

Concerned about your business security?

W3IT provides monitoring, support and practical security guidance for small businesses — wherever you are. Start with a free security check.

Book Free Security Check