WordPress Software Maintenance and Site Security Plans

Websites are not simply a set and forget tool. Just like your car, your computer and your office equipment, they need to be maintained.

Screenshot of WordPress update page

The most likely effect of not maintaining your website is that it will be hacked.

Security for your website and business is your responsibility – just as it is for your home and your physical (bricks and mortar) business. Would you leave those without protection?

Implications of a security breach:

When your website is hacked not only do you suffer the loss of data, loss of orders and consequent loss of money, your brand reputation takes a huge hit when visitors to your website are confronted by this:

Google Firefox hacked website warning

Even more so if one of your customer’s computers became infected as a result of visiting your compromised website.

Are you willing and able to invest the time it takes to administer and maintain a dynamic, accessible world-wide 24×7, database-driven, interactive, user-authenticated website?

Do you have the knowledge, time and resources to respond to the constant flow of new Internet security threats?

We do.

We offer technical support, security monitoring, disaster recovery and system maintenance options for WordPress websites. More details in the following sections, or click the button below to ask us for more information!

Why would you need a maintenance service?

Because, unfortunately, hacking websites is a growth industry:

The trend of WordPress infections from 2013 to 2016

Courtesy of Sucuri Security

Note that the 2016 figure is for one quarter, not a full year.

Here are two quotes from the same study the graph above comes from. It’s of 11,485 hacked websites (of which 8,958 were based on WordPress) undertaken by Sucuri through the first quarter of 2016:

“. . . As of March 2016, Google reports that over 50 million website users have been greeted with some form of warning that websites visited were either trying to steal information or install malicious software. In March 2015, that number was 17 million. . . .”

That’s a 294% increase in one year – pretty spectacular by any standards.

And just in case that wasn’t enough:

“. . . Google currently blacklists close to ~20,000 websites a week for malware and another ~50,000 a week for phishing . . .”

Think your website is too small to be hacked? Unfortunately not.

The hackers aren’t interested in whose site they hack, or how big it is, they just want control of as many sites as possible to add to their ‘assets’. These assets are then used to infect visitors’ computers, carry out denial of service attacks, redirect users to porn or pharmaceutical sites or whatever other nasty scheme they come up with.

The leading cause of hacked WordPress websites

The top reason why WordPress sites are hacked is because the webmaster, or site owner, has not kept their plugins and other software up to date. A different study illustrates the point:

Graph of the different ways hackers gain access to WordPress websites

Courtesy of WordFence

More than 55% of all WordPress websites that were hacked were hacked because a plugin was not up to date. It is the top cause of hacked WordPress websites by a spectacular margin.

We cannot stress enough the need to keep all the software on your site bang up to date.

Your website needs constant monitoring and maintenance to ensure all the software is up-to-date and all security patches have been implemented. Because, if it is hacked, the search engines will discover it very quickly and remove it from the search results.

Not only that, the leading browsers, which work closely with the search engines and the blacklists, now prevent anyone from reaching it even if they type in the website address themself.

That will cut off your visitor traffic overnight and quickly destroy your business’ credibility

Backup, backup, backup..!

Remember what I said earlier: no website is ever 100% secure against hackers.

Therefore, the second most important step you can take is to have a clean backup of your site at all times. This is because the quickest and safest way to recover if your website is hacked is to delete it completely and restore it from a clean backup.

But to ensure you don’t lose valuable information your website must be backed up after any and all updates and, at the least, on a regular schedule.

Further, you need to check your site each day. Only by doing that will you know when it was hacked, and knowing when it was hacked will enable you to work out which is the latest clean backup.

If a scheduled backup runs before you realise the site is hacked, you would then be backing up a hacked version of your website – and restoring a hacked version will not fix the problem..!

Your software must always be kept absolutely up to date, security patches must be implemented immediately, you must always have a clean back up of your full website and you must react quickly to any problems that arise.

We can take care of all that for you …

Here’s a summary of what we can provide – more details on each plan are below this table:

Features Basic Premium

Daily back-end check and problem fix

Daily front-end check and problem fix

Software updates and security patches

Register on Google and Bing

Fix problems you find

Site optimise checks

Monitor site uptime

Monthly reports

Regular full site backups

Firewall protection

Brute force protection

Lock down vulnerable areas

Restore hacked site

Remove it from blacklists

Password updates

To find out more please read the details below or:

Basic Plan – technical support, software updates and system maintenance

Image of maintenance tools representing WordPress website maintenance servicesWordPress makes it easy for you to update and manage your content without any need for technical expertise. However, just as you need to make sure the technical parts of your car are regularly checked, serviced and kept roadworthy, so you need to ensure that the technical parts of your WordPress website are maintained and kept up to date.

Failure to do so creates a security risk and increases the chances of your website being hacked.

There is one further thing to consider, though: very rarely, an up-dated plugin, theme or the WordPress core code itself, will conflict with the software that is already on your website, causing problems. When this happens we will, naturally, take care of it so that your site’s availability is maintained at the highest possible rate.

To help ensure your website is always running smoothly and efficiently, we offer a WordPress technical support, software updating and system maintenance service.

As part of this we will:

  • Check your site each day and carry out all software updates and security patches required. (Depending on the applications running on your website, and the incidence of security threats, this could involve up to 20 or more security-related updates a month)
  • Register your website with both Google and Bing and check it each day to make sure they have not logged any problems. We will deal with any problems found
  • Visit your website and load up to 3 random pages each day to ensure everything is working as it should. We will deal with any problems found
  • Analyse and fix any problems that you find and report to us
  • Make sure your website is properly optimised so that it loads quickly and features as high as possible in the search results
  • Monitor the availability of your website
  • Send you reports each month of the maintenance activities carried out on your site

Price – HK$1,988/month

To find out more please:

Premium Plan – everything in the Basic Plan plus security monitoring and disaster recovery

As we said earlier, hacking websites is, sadly, one of the few growth industries around today. And the hackers are becoming ever smarter and more ruthless.

The surest and quickest way to recover from a hacked website is to delete it completely and restore it from a clean backup.

Prevent re-infection of your website

Picture of security cameras representing security monitoring services for WordPressBut there are also numerous other steps you will need to go through to recover safely and securely, and to prevent re-infection, if your site is hacked – changing passwords (in a number of different places), checking and possibly cleaning your computer, raising a Google site reconsideration request and so on. We can take care of all that for you with our Premium Plan.

In addition to everything in the Basic Plan, we offer regular full site backups, security monitoring and disaster recovery services.

As part of this, and in addition to the Basic Plan features, we will:

  • Create full site backups of your entire website after content updates or, if no content updates are made, at least once a week (to ensure the latest security-related updates are captured)
  • Create full site backups of your entire website after any changes to the website structure are made
  • Set up firewall protection for your website
  • Set up brute force protection for your website
  • Lock down vulnerable areas of WordPress to prevent malicious activity
  • In the event that your website is hacked, we will restore it from the latest clean backup within 24 hours (despite all the security activities we undertake no one can ever guarantee that your site won’t be hacked but, if it is, we’ve got you covered)
  • Generate the Google site reconsideration request (if necessary)
  • Change all passwords that we have control over and provide a list of passwords that we don’t control and which should be changed
  • Send you monthly reports of all the maintenance activities carried out on your website.

Price – HK$2,988/month

Important note

We receive daily updates of new WordPress security risks from 2 sources: Sucuri and WPScan Vulnerability Database. This means that we are able to react very quickly to protect your site in the event that a security risk that’s relevant to your website is discovered.

To find out more please:

Let’s put a professional maintenance plan in place

It may be helpful to see what others have said about the level of service we provide (we are, of course, biased!). If that would be interesting please click here.

Let us take the worry and workload off your shoulders – to find out more about our WordPress security monitoring, technical support and system maintenance services please:

We look forward to hearing from you!

Website Hosting
Hosting is the foundation on which websites are built – give your site a foundation of rock and get a great performance boost (at a great price!): click here.