WordPress Security Maintenance Plan

Your website is built on an open source CMS platform—WordPress. (or Drupal) Thousands of developers are writing and testing updated code for the platform on a daily basis—that’s part of what makes it “open source”. This results in a number of release updates, sometimes weekly, that include new features, security updates, and bug fixes. Most important are the security updates. There is usually one critical security fix affecting the core technology every 1-2 months. There are also various updates to custom add-on plugins used in the CMS every month or so. If the security updates are not implemented the following things could/will happen:

  • Your site gets hacked and malware/spyware is inserted into the site, potentially infecting all site visitors.
  • Malicious code is injected into your site, possibly redirecting it to another site, and/or your site goes down or functions stop working correctly.
  • A virus gets into the site and infects the server, destroying programming code and files.
    Someone or something gets into the site, stealing user data, deleting user records, and deleting programming data built into the site database.
  • If any of the above situations happen, significant time will need to be spent identifying the hack, neutralizing it, and repairing any damage it may have done. It may take several days to get everything fully functioning again.

Our maintenance update process takes the following steps to help insure those things don’t happen:

  • Monthly website review for updates to core, widgets, and plugins.
  • Software licenses used to build your website (Elementor, etc..) $150yr value.
  • Remain your website’s main contact for communicating updates.
  • 24-48hr response window to any critical security updates (M-F, 9AM–6PM)

If updates are necessary, we will do the following:

  • Notify you that we need to freeze the site for updates or maintenance.
  • Create a backup of your site and database.
  • Upgrade the site and plugins, one at a time.
  • Test the site to make sure everything is working properly after each update/upgrade.
    Make adjustments/fixes to the site if the updates affected display, performance, or functionality. (“broken theme”)
  • 2 hours of development time are included to fix a broken theme. Additional time may be necessary due to severity. We will provide you with a cost for your approval before any work is started.
  • If you choose not to have us fix the theme, you can have us revert the plugin/update to the previous version. If you choose to revert the update, this may also end our contract which you will be given a prorated refund. Your site will however still remain vulnerable to attack.
  • Upload the updated site back to production and take live.
  • Notify you of the update.

Benefits to keeping your site up to date:

  • New features may come with these updated plugins and core theme.
  • Confidence that an experienced team is overseeing notifications from your site and immediately acting to resolve any issue.
  • Peace of mind that your website properties are less vulnerable.
  • Reliable and known partner available to resolve any issues with your site.


  • One-Time Upgrade

  • $250/mo
    • We will update and backup your site one time per the details above.

  • Yearly Plan

  • $500/mo
    • We will do all of the following items above on a monthly basis.
    • Includes software licenses when we build your site.
      Note: Larger site costs may vary.