Case Study: Bahari Freight Group

01

The Client

A 45-person freight company moving goods across East Africa — with a website that couldn't keep up.

Bahari Freight Group operates logistics services across Kenya, Uganda, and Tanzania — managing a fleet of 28 trucks, warehousing in Mombasa and Nairobi, and cross-border customs clearance for importers and exporters.

They came to us in December 2025 with a problem most B2B logistics companies in East Africa share: their website looked like it was built in 2014 (because it was), their email kept going to spam, and potential clients couldn't get a quote without calling three different numbers.

Their previous developer had disappeared 6 months earlier — taking the hosting credentials with them. The site was on a shared hosting plan that went down every time traffic spiked during peak shipping season.

02

The Problem

Every metric was broken. Every system was fragile.

8.4-Second Page Load

Measured on PageSpeed Insights, mobile. The hero image alone was 4.2MB. Google was actively punishing them in search rankings. Competitors with faster sites were stealing their organic traffic.

8.4s→Target: <2.5s

12 Hours Downtime/Month

Shared hosting on a server with 200+ other sites. Every time their peak season hit (Nov–Jan), the site buckled under traffic. During December 2025 alone, the site was down for 14 hours — losing an estimated KES 340,000 in missed quote requests.

12hrs/mo→Target: <1hr/year

Email Going to Spam

No SPF, no DKIM, no DMARC records configured. When Bahari sent invoices or shipping confirmations, 34% landed in recipients' spam folders. Clients were calling to ask "did you send the quote?" — because they never received it.

34% spam→Target: <2%

Zero Security Posture

No firewall. No endpoint protection. Staff passwords stored in a shared Google Doc. When we ran a vulnerability scan, we found 23 critical exposures — including an unpatched WordPress plugin with a known RCE exploit.

23 CVEs→Target: 0 critical

03

What We Found

A 47-point audit revealed systemic failure — not just a bad website.

We ran a full IT environment assessment in the first week. Here's what the audit surfaced:

Hosting: Shared cPanel hosting (KES 8,000/year). No SSL certificate auto-renewal. Certificate had expired 3 weeks before our audit — all visitor traffic was flagged "Not Secure" by Chrome.

Website: WordPress 5.4 (5 major versions behind). 14 installed plugins, 6 abandoned (no updates in 18+ months). Theme was a nulled copy of a premium theme — bundled with a backdoor PHP shell.

Backups: None. No automated backup system. The last manual backup was 11 months old and stored on the same server as the live site. Critical freight documents, customs paperwork, and client contracts existed only on individual staff machines — a single ransomware attack away from total data loss.

Email: Using ISP-provided email with no authentication records. Staff were also using personal Gmail for client communications — creating a compliance risk and no audit trail.

Devices: 45 staff devices (laptops + phones) with no centralized management. 12 devices running Windows 7 (end-of-life). No antivirus on 18 of 45 devices. No DNS filtering — staff could access any site, including known malware domains. No backup solution for local files; critical freight documents stored only on individual machines.

Quote Process: Prospective clients had to call, email, or WhatsApp to get a freight quote. No online quote form. Average response time was 6.5 hours during business hours.

04

What We Built

A logistics platform engineered for the way Bahari actually operates.

StackHost Africa

Managed Cloud Infrastructure

Migrated from shared hosting to a dedicated StackHost cloud environment — 4GB RAM, NVMe storage, automated scaling. Chose Cloudflare edge caching over a CDN plugin because Bahari's clients load the site from Mombasa, Nairobi, Kampala, and Dar es Salaam — we needed edge nodes in all four.

4GB RAMNVMe SSDCloudflare EdgeAuto-scaling

DesignX Studio

B2B Corporate Website

Built a conversion-focused site from scratch: online freight quote calculator (container size → route → instant estimate), client portal for shipment tracking, tender document library, and route-specific landing pages for SEO. Chose a static-first architecture over WordPress because the site needed to load in under 2 seconds on 3G — which is what most truck drivers and warehouse managers in East Africa use.

Static-firstQuote CalculatorShipment TrackerRoute SEO

KonectIQ

Endpoint Security & Device Management

Deployed a layered security stack across all 45 staff devices. DefensX for DNS-level threat filtering — blocking known malware, phishing, and C2 domains before they even reach the browser. Bitdefender GravityZone for EDR and antivirus — real-time threat detection, behavioural analysis, and automated remediation. Removed all 12 Windows 7 machines from the network (replaced with refurbished ThinkPads). Configured automated patching schedules and set up a centralized KonectIQ dashboard for Bahari's ops manager to monitor device health, compliance, and threats in real time.

DefensX DNSBitdefender EDR45 EndpointsAuto-patchingCentral Mgmt

DDE Managed IT

Email, Backup & Operations

Migrated to Microsoft 365 Business Basic with full SPF/DKIM/DMARC configuration. Deployed DDE's in-house backup solution — automated daily backups of all cloud infrastructure and local file servers with point-in-time recovery, 30-day retention, and off-site replication. Critical freight documents, customs paperwork, and client files now backed up across all 45 endpoints. Created a structured quote request workflow — online form → auto-acknowledgement → assigned to sales rep → quote delivered within 2 hours.

Microsoft 365DDE BackupPIT RecoveryOff-site Repl.2hr SLA

04b

What We Delivered

The actual product — not just the spec sheet.

DesignX Studio · B2B Website

Bahari Freight Group website — conversion-focused B2B logistics platform built by DesignX Studio

Full B2B corporate website with freight quote calculator, East Africa network map, compliance credentials, and client portal. Static-first architecture optimised for 3G networks across Kenya, Uganda, and Tanzania.

Client Portal · Shipment Tracking

Bahari Freight client portal dashboard — real-time shipment tracking, invoice management, and quote history

Authenticated client portal where Bahari's customers track shipments in real time, download invoices, upload customs documents, and request new quotes — without calling the office.

KonectIQ · Security Dashboard

KonectIQ endpoint detection and response dashboard — 45 devices monitored with DefensX DNS filtering and Bitdefender GravityZone EDR

Centralised security dashboard showing all 45 endpoints — device health, threat alerts, DNS blocks (DefensX), EDR status (Bitdefender), and patch compliance — in one view for Bahari's ops manager.

05

Before vs After

Side-by-side. Same business. Different infrastructure.

Before DDE

After DDE

8.4sPage load time (mobile)

1.8sPage load time (mobile)

12hrs/monthWebsite downtime

0hrsDowntime since launch

34%Emails landing in spam

<1%Emails landing in spam

23 CVEsCritical security exposures

0Critical security exposures

0Automated backups

Daily + PITDDE backup + off-site replication

NoneDNS filtering

DefensXDNS-level threat blocking on all 45 devices

6.5hrsAvg. quote response time

1.8hrsAvg. quote response time

18/45Devices with no antivirus

0/45All on Bitdefender GravityZone EDR

~85/moOrganic website visitors

340+/moOrganic website visitors

06

The Results

Measurable business impact — not just technical metrics.

The technical improvements were significant. But the business impact is what matters to Bahari's management:

4×

More Quote Requests

Online quote form submissions went from ~15/month to 60+/month. The quote calculator on the homepage alone drives 38% of all inbound leads.

KES 340K

Monthly Revenue Recovered

Eliminating downtime during peak season recovered an estimated KES 340,000/month in previously lost quote requests and missed shipment enquiries.

2hrs

Quote Turnaround

From 6.5-hour average response to under 2 hours. The auto-acknowledgement + assigned rep workflow means no lead goes cold.

100%

Device Compliance

Every staff device now has Bitdefender EDR, DefensX DNS filtering, automated patching, and centralized management via KonectIQ. Zero security incidents since deployment.

07

The Timeline

Week by week — how we got from broken to bulletproof.

Week 1

Discovery & Audit

Full 47-point IT environment assessment. Mapped all 45 devices, audited the existing website, reviewed email infrastructure, interviewed ops manager and sales team. Delivered a prioritised findings report with costed remediation plan.

Week 2

Infrastructure Setup

Provisioned StackHost cloud environment. Configured Cloudflare edge caching, DNS migration, SSL certificates. Set up Microsoft 365 with full email authentication (SPF, DKIM, DMARC). Deployed KonectIQ agents on first batch of 20 devices.

Week 3–4

Website Design & Build

UX wireframes for quote calculator and shipment tracker. Brand identity refresh — new colour palette, typography, and visual language. Static-first build with route-specific landing pages. Content migration from old WordPress site.

Week 5

Security Rollout

KonectIQ deployed on remaining 25 devices. Windows 7 machines decommissioned and replaced. DefensX DNS filtering activated across all endpoints. Bitdefender GravityZone EDR deployed with behavioural analysis policies. Removed nulled WordPress theme and backdoor. Configured automated patching schedules and centralized monitoring dashboard.

Week 6

Backup & Email Cutover

DDE in-house backup solution deployed — automated daily backups of cloud infrastructure, local file servers, and all 45 endpoints. Point-in-time recovery configured with 30-day retention and off-site replication. Email cutover to Microsoft 365 — migrated 45 mailboxes, configured shared inboxes for sales@ and ops@. Trained staff on new email workflow.

Week 7

QA & Testing

Full cross-browser and cross-device testing (including 3G network simulation). Load testing to 10× expected peak traffic. Security penetration test. Quote workflow dry-run with sales team. UAT sign-off from Bahari management.

Week 8

Launch & Handover

Go-live on a Saturday at 2am EAT — zero-downtime DNS cutover. 48-hour monitoring sprint. Staff training session (2 hours, recorded). Delivered operations manual, emergency runbook, and DDE's dedicated support channel. Started 3-month managed support retainer.

08

Client Perspective

"Before DDE, we were running a logistics company on broken infrastructure — our website was down half the time, our emails went to spam, and we had no idea our WordPress site had a backdoor in it. They didn't just fix the website. They rebuilt our entire digital operation in 8 weeks and now our quote requests have quadrupled. The ROI paid for the project in the first two months."

Amina Hassan Operations Director, Bahari Freight Group

Bahari Freight Group Mombasa · Nairobi · Kampala

We rebuilt Bahari Freight's entire digital stack in 8 weeks.