WordPress Security & Hack Recovery

Contact Me about this service.

I help WordPress websites come back more secure, getting them back online after a major hack. I’ve helped private and government organizations in the USA and Canada defeat repeated attacks. They stay online persistently with my approaches as long as their own managed hosting companies take security as seriously as I do.

I can also provide my Site Maintenance and Security Hardening (SMASH) service under any of my FlexSupport plans to keep sites secured as the General Data Protection Regulation (GDPR) begins to make it’s influence felt in the USA. SMASH is individually priced based on a paid evaluation of website complexity. In most cases SMASH can provide a secondary, offsite backup routine independent of your hosting service for more granular control over  recovery in case of future problems.

This service can also be used to adjust a WordPress website for correct use of SSL. I’ve converted many WordPress websites to SSL, including operations-focused websites with paywalls and member portals.

WordPress is notorious for security vulnerabilities…

…but most of the time this is not the software’s fault. There are highly insecure ways of implementing WordPress, especially if you start and end with it’s default installation configuration. The cost of remediating a hacked website is dependent on access to backups with clean source files, how much system modification is required to implement the site safely after the hack, the desired target installation configuration (such as nesting multiple WordPress websites within a single hosting environment) and the degree to which your client’s web hosting company supports secure practices for WordPress. If you or your client is using GoDaddy®, DreamHost®, or Site5®, we cannot secure their WordPress site satisfactorily, or recover it from a hack. These web hosts do not provide the appropriate environment for hosting more secure WordPress websites on a continuing basis, or possess the expertise of their own hosting environments required for this to be implemented properly in my experience.

This service can incur additional charges for sending a WordPress theme to a cleaning company in the event your client’s original clean theme source files are unavailable from a backup or otherwise. The cost for additional plug-ins or code services to obtain the desired results often incurs additional licensing fees and training time for your agency staff in order to understand what it is I did and keep it as safe as possible.

This service can cost a minimum of $1200.00 per website or domain, depending on how things have been structured, and will be accompanied with documentation describing what was done, including the security configuration that was implemented based on your client’s unique needs. This documentation will be sufficient so that a WordPress Integrator or IT person can repeat these configurations for other clients as well. This documentation might not be understandable by a WordPress Designer, since it assumes familiarity with aspects of WordPress that only Integrators usually posses.