WordPress Security Hardening

 

One issue that can significantly affect your website’s SEO, creditability and the ability to attract and retain visitors is website security.  In 2016, Google reported that more than 50 million website users were warned by their software that a website they are visiting may contain malware or configured in a way that could leak information.  Unfortunately, many of these sites don’t even realize they are compromised.  And Google actively blacklists websites it discovers as having security problems.

WordPress is one of the most popular Content Management Systems today, which makes it a target for hackers.  Some site owners and web designers don’t realize that WordPress installs as a “development” platform, and additional work is required to make the website as secure as possible prior to being fully complete and launched publicly.

Many Web Hosts that install WordPress for you do not provide any WordPress security measures to prevent hack attacks.  We offer a full-service WordPress Security Hardening process that makes your website less of a target for hackers looking for a site to hack quickly.

Don’t be the victim of a ransom, hacking attacks, or being blacklisted by Google.  Have your website’s security hardened!

Service Options

Our three-tier service options allows you to choose which project level is best for your budget and your time frame.

Estimated Delivery Time
Weekly Backups
Update WP Continuously*
Update Plugins Continuously*
Update Themes Continuously*
Full Backup
Update WP
Update Plugins
Delete Unused Plugins
Report Abandoned Plugins
Disable Plugin Editor
Update Themes
Remove Unused Themes
Disable Theme Editor
Hide PHP Version
Hide PHP Errors
Hide WP Version
Hide REST API Links
Disable PHP Safe Mode
Verify MySQL Version
Disable WP Live Writer
Disable Debug or Development Mode
Prevent Folder Browsing
Prevent Code Execution from Unknown File Types
Prevent Username Sniffing
Check the WP Database Prefix
Update to the latest PHP Version
Block PHP Execution in the Uploads Directory
Hide XML-RPC EditURI from Header Data
Remove Known Unneeded Exploitable Files
Disable Default ADMIN Login
Disable Registration
Secure Login Form (SSL)
Limit Login Attempts
Fix File Permissions
Make DB Password "Strong"
Report if the Server Has Known Vulnerabilities
Enable SSL if Available*
Enforce Full-Site SSL*
Disable External iFrame/Frame/Object
Include X-XSS-Protection in Server Headers
Review Unwanted files in the Webserver's Root Folder
Install and Configure a Web Security Firewall
Yearly Maintenance Plan
$198/yr
6-7 Days
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
Basic
$200
5 Days
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
Advanced
$280
6 Days
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N
N

Ready to get started?

We are ready to start working on your project. Contact us and we’ll get the ball rolling!

Service Descriptions

* Keeping a WordPress website updated to the latest security releases is extremely important for site health. On our Yearly Maintenance Plan, we will provide Weekly Backup Services, Uptime Monitoring, and update your WordPress core, Plugins and Themes to the latest security versions throughout the year. No need to hire a developer to perform these services.

* SSL prevents hackers from stealing your visitor’s passwords and personal information. We will enable SSL on your server, if available form your hosting provider. Additionally, we will enforce SSL access on all pages and files on your website, especially the login form.

Note that some of these tasks will require various levels of access to your website, web server and hosting account. We will provide instructions on how to allow us access to your server without compromising your website’s security.

Ready to get started?

We are ready to start working on your project. Contact us and we’ll get the ball rolling!