I offer a WordPress security and maintenance service for small businesses who don’t want the hassle of looking after their own site security. My service offers:
- WordPress Updates. I add your site to the list of many others in my automated update system. When new themes, plugins, and WordPress versions are released, these are automatically applied and notified periodically. You don’t need to worry about the updates mounting up.
- WordPress Security. I install and manage Wordfence and Sucuri tools on your site, act as the notified person on your behalf for any security intrusions, and take the necessary action on any issues which may arise.
- WordPress Installation Backups on a nightly basis. If your site is ever compromised or if you accidentally delete important data, I can always reload last night’s files with a one-click restore. This backup will be securely stored in Dropbox (off of your server). Probably more efficient than contacting your web host for a restore.
This service is available even if your site is not one I created or host. The Update and Security services are included in the service I offer my own hosting customers, and they are £95 a year for those whose sites are hosted elsewhere. The Backup service is £30 a year extra for both my-hosted and elsewhere-hosted customers (do check that a suitable backup service is not already being provided by your host first). Click here to get your web site put into my maintenance and monitoring system. Note: I will need your hosting control panel and WordPress log in details.
Why is WordPress security necessary?
WordPress is a fantastic tool for managing your own web site. Its popularity makes it an ideal target for spammers and hackers. They can use the system to embed suspicious scripts and other nasty spam / malware elements. However I have plenty of experience of dealing with these kinds of problems and I have a number of tools I can deploy to keep your site secure. I also monitor all sites I host for any irregular behaviour. Many designers expect you to monitor WordPress security yourself, but sadly without regular application of security patches, not following good practice for usernames and passwords, and not using tools such as WordFence, it’s just a matter of time before a site is compromised.
Increasingly over the past few years, customers come on board with me through a “distress purchase” situation. They may have had lots of spam posts, comments or links added. Or worse, the entire site is unavailable or has been defaced. Some of the “payloads” that can be dropped on to insecure web sites include bank phishing exploits and ransomware, which then infects other people’s computers. For some live examples of the sort of malware currently doing the rounds, scroll to the end of the page. There is a feed from myonlinesecurity.com with information on current infections. Many of these will have come from infected web sites.
How I can help
When I act as security admin for your site, I monitor the WordPress installation and receive all the automated notifications of hack attempts. When I spot anything unusual I will let you know, advise what needs doing. I can also take the necessary action to rectify the situation. WordPress backups can be restored if key data is lost for any reason. I will also apply the periodic updates to WordPress itself, plugins and themes. This will be at least quarterly, and even more frequently when critical patches are released. This service doesn’t guarantee your site will never be hacked – sadly the hackers are sometimes one step ahead of the good guys who write the preventative software. But you will have the peace of mind of knowing someone is on the case should the worst happen.
I also regularly help people out over the internet and Twitter, who have had their sites hacked. Usually I can help them to identify and rectify the problem. Don’t let all of this put you off using WordPress. Your site is not at risk to your site as long as security is properly managed. And don’t leave your site forever with a basic default “admin”username and a password of “password”.
Myonlinesecurity latest updates
Scanned image from MX-2600N malspam delivers Locky ransomware using Word DDE exploit
[My Online Security] 2017/10/20 19:24
Another Locky ransomware campaign using the DDE exploit is hitting the UK again ( and probably other countries at same time) with an email with a su…
Fake Swift Copy message delivers fareit trojan
[My Online Security] 2017/10/20 15:48
The next in the never ending series of malware coming as email attachments is an email with the subject of Re: due invoice pretending to come from …
more Locky ransomware delivered via DDE exploit pretending to come from your own company or email address
[My Online Security] 2017/10/20 13:41
A second big Locky ransomware campaign using the DDE exploit hit UK late last night ( and probably other countries at same time) with an email with …