WordPress Support, Maintenance and Site Security Plans

Websites are not simply a set and forget tool. Just like your car, your computer and your office equipment, they need to be maintained.

Most likely it will be hacked.

98% of software updates are released in order to mitigate security risks. Failure to install the latest updates leaves your site vulnerable to being hacked.

When your website is hacked not only do you suffer the loss of data, loss of orders and consequent loss of money, your brand reputation takes a huge hit when visitors to your website are confronted by this:

Even more so if one of your customer’s computers became infected as a result of visiting your compromised website.

Do you have the knowledge, time and resources to respond to the constant flow of new Internet security threats?

We do.

We offer technical support, system maintenance, security monitoring and disaster recovery options for WordPress websites. More details in the following sections, or click the button below to ask us for more information!

Courtesy of Sucuri Security

Note that the 2016 figure is for one quarter, not a full year.

Here are two quotes from the same study the graph above comes from. It’s of 11,485 hacked websites (of which 8,958 were based on WordPress) undertaken by Sucuri through the first quarter of 2016:

That’s a 294% increase in one year – pretty spectacular by any standards.

And just in case that wasn’t enough:

Think your website is too small to be hacked? Unfortunately not.

The hackers aren’t interested in whose site they hack, or how big it is, they just want control of as many sites as possible to add to their ‘assets’. These assets are then used to infect visitors’ computers, carry out denial of service attacks, redirect users to porn or pharmaceutical sites or whatever other nasty scheme they come up with.

The top reason why WordPress sites are hacked is because the webmaster, or site owner, has not kept their plugins and other software up to date. A different study illustrates the point:

Courtesy of WordFence

More than 55% of all WordPress websites that were hacked were hacked because a plugin was not up to date. It is the top cause of hacked WordPress websites by a spectacular margin.

We cannot stress enough the need to keep all the software on your site bang up to date.

Your website needs constant monitoring and maintenance to ensure all the software is up-to-date and all security patches have been implemented. Because, if it is hacked, the search engines will discover it very quickly and remove it from the search results.

Not only that, the leading browsers, which work closely with the search engines and the blacklists, now prevent anyone from reaching it even if they type in the website address themself.

That will cut off your visitor traffic overnight and quickly destroy your business’ credibility

Remember what I said earlier: no website is ever 100% secure against hackers.

Therefore, the second most important step you can take is to have a clean backup of your site at all times. This is because the quickest and safest way to recover if your website is hacked is to delete it completely and restore it from a clean backup.

But to ensure you don’t lose valuable information your website must be backed up after any and all updates and, at the least, on a regular schedule.

Further, you need to check your site each day. Only by doing that will you know when it was hacked, and knowing when it was hacked will enable you to work out which is the latest clean backup.

If a scheduled backup runs before you realise the site is hacked, you would then be backing up a hacked version of your website – and restoring a hacked version will not fix the problem..!

Your software must always be kept absolutely up to date, security patches must be implemented immediately, you must always have a clean back up of your full website and you must react quickly to any problems that arise.

Here’s a summary of what we can provide – more details on each plan are below this table:

Features	Basic	Premium
Daily back-end check and problem fix	✓	✓
Daily front-end check and problem fix	✓	✓
Software updates and security patches	✓	✓
Register on Google and Bing	✓	✓
Fix problems you find	✓	✓
Site optimise checks	✓	✓
Monitor site uptime	✓	✓
Monthly reports	✓	✓
Regular full site backups	✗	✓
Firewall protection	✗	✓
Brute force protection	✗	✓
Lock down vulnerable areas	✗	✓
Restore hacked site	✗	✓
Remove it from blacklists	✗	✓
Password updates	✗	✓

To find out more please read the details below or:

WordPress makes it easy for you to update and manage your content without any need for technical expertise. However, just as you need to make sure the technical parts of your car are regularly checked, serviced and kept roadworthy, so you need to ensure that the technical parts of your WordPress website are maintained and kept up to date.

Failure to do so creates a security risk and increases the chances of your website being hacked.

There is one further thing to consider, though: very rarely, an up-dated plugin, theme or the WordPress core code itself, will conflict with the software that is already on your website, causing problems. When this happens we will, naturally, take care of it so that your site’s availability is maintained at the highest possible rate.

To help ensure your website is always running smoothly and efficiently, we offer a WordPress technical support, software updating and system maintenance service.

As part of this we will:

• Check your site each day and carry out all software updates and security patches required. (Depending on the applications running on your website, and the incidence of security threats, this could involve up to 20 or more security-related updates a month)
• Register your website with both Google and Bing and check it each day to make sure they have not logged any problems. We will deal with any problems found
• Visit your website and load up to 3 random pages each day to ensure everything is working as it should. We will deal with any problems found
• Analyse and fix any problems that you find and report to us
• Make sure your website is properly optimised so that it loads quickly and features as high as possible in the search results
• Monitor the availability of your website
• Send you reports each month of the maintenance activities carried out on your site

Price – HK$1,988/month

To find out more please:

As we said earlier, hacking websites is, sadly, one of the few growth industries around today. And the hackers are becoming ever smarter and more ruthless.

The surest and quickest way to recover from a hacked website is to delete it completely and restore it from a clean backup.

Prevent re-infection of your website

But there are also numerous other steps you will need to go through to recover safely and securely, and to prevent re-infection, if your site is hacked – changing passwords (in a number of different places), checking and possibly cleaning your computer, raising a Google site reconsideration request and so on. We can take care of all that for you with our Premium Plan.

In addition to everything in the Basic Plan, we offer regular full site backups, security monitoring and disaster recovery services.

As part of this, and in addition to the Basic Plan features, we will:

• Create full site backups of your entire website after content updates or, if no content updates are made, at least once a week (to ensure the latest security-related updates are captured)
• Create full site backups of your entire website after any changes to the website structure are made
• Set up firewall protection for your website
• Set up brute force protection for your website
• Lock down vulnerable areas of WordPress to prevent malicious activity
• In the event that your website is hacked, we will restore it from the latest clean backup within 24 hours (despite all the security activities we undertake no one can ever guarantee that your site won’t be hacked but, if it is, we’ve got you covered)
• Generate the Google site reconsideration request (if necessary)
• Change all passwords that we have control over and provide a list of passwords that we don’t control and which should be changed
• Send you monthly reports of all the maintenance activities carried out on your website.

Price – HK$2,988/month

Important note

We receive daily updates of new WordPress security risks from 2 sources: Sucuri and WPScan Vulnerability Database. This means that we are able to react very quickly to protect your site in the event that a security risk that’s relevant to your website is discovered.

To find out more please: