Defend your site from attacks you never knew existed.
On average, 30,000 new websites are hacked each day. WordPress sites are easy target for attacks because of plugin vulnerabilities, weak passwords and outdated version of the software. Most WordPress admins don’t even know they’re vulnerable, but with various security measures and tools, we can help you fix common holes, stop automated attacks and strengthen user credentials. Website security is a complicated subject and you don’t want to go at it alone, especially if you’re not quite sure how everything works. Pro Web Concepts provides instant support so you know our team is ready to help you when you need it.
Package Plan Information
Number of Installations
Our Basic and Pro Packages includes one WordPress installations. However, if you have a separate installation such as a forum, shopping cart, or membership system these are considered a separate site.
This fee includes the complete setup of your website’s security including many items, such as an audit of your system and WordPress files, server permissions, ftp accounts, WordPress user accounts, file change detection, 404 detection, host and user agents banning function, hiding login URL and email notifications etc. Then we tighten your site’s security to help keep hackers out.
WordPress Framework Security
Our audit team performs monthly security checks to keep your site secure by addressing any known vulnerabilities, inspecting login attempts, banning hosts and releasing lockouts etc. For example, if a plugin or theme you are using is found to be a security risk we will update or delete it right away. Every month, customer gets a complete report about the audit.
Security Plugin Configuration
Our WordPress developers and security team collaborate and install various security plugins that we use and trust. We buy the plugins, install them on your website and configure them as required in order to keep maximum security for the framework.
Our team knows when an update is available for WordPress software, plugins and themes. So we take care of all the upgrades required on your WordPress site up to date.
Our spam experts will inspect and check your WordPress site every week for spam (in the form of notifications, comment or forms) and delete if required.
Our team members inspect your website every week and evaluate pending comments. They will approve/disapprove/moderate them as per inspection. The relevant ones will get published and spam stuff will be banned with the host they are coming from. We also make sure that all the forms on the website including comment form will have a captcha validation.
Our database programming team will evaluate your database and will work on making its operation faster and efficiently by removing/optimizing post/page revisions, orphaned postmeta, commentmeta, dashboard transient feeds, and optimize your database overhead monthly. From the security prospective, we will make sure that there is nothing defaults with your database setup which comes with WordPress install. For example, we will change the database table prefix.
Brute Force Attacks
A host can try multiple combinations of login id and password as by default WordPress doesn’t limit the login attempts. It will always let you try again. Enabling login limits will ban the host user from attempting to login again after the specified bad login threshold has been reached. Our security team will make sure that if a host attempts to login multiple times, they will get banned and locked out for a specific time and it there are multiple lockouts, the host will be banned permanently.
Our security department will scan the WordPress core files and theme files for malwares and keep the log of the possible malware/scripts/injections. We fix the files if there is any malware found.
This protection involves various measures. For example, our security team will make sure no PHP script is executable in comment form or in the UPLOADS folder by any mean. We will make sure there are no long suspicious urls, removal of generator meta tag, removal of window live writer and RSD header, hide WordPress version, disable the editor within the admin panel to secure WordPress theme files, disable login error message to add extra security layer to error log and force users to choose unique nickname. We also make sure that the users having no posts are disabled at the front end.
Being an open source nature of WordPress framework, there are immense possibilities of conflicts between third party plugins and themes. Our team will fix if such situations arises. One of the major symptoms of such situation is a White Screen of Death when you open your website. For example, if you install a plugin to your website and somehow it results breaking up the website, we will inspect and fix it for you.
Our team review your website continuously and keep track of overall situation. If you get locked out or blacklisted from of your site die to login attempts or multiple 404 executions, we will rectify the situation for you by resetting your credentials. All you will need to do is write us a support ticket and we will react immediately (a max of 24 hours). We always keep track of your website and notify you if we notice any downtime or any other issue.
For a situation when your website is hacked, our auditors will fix the website through various manual methods. We do not use an auto-cleanup script. Our security professionals will inspect and remove all malware/viruses/malicious injections and close any known security holes. We scan your site daily for malware, blacklisting and File changes etc.
We will install a backup system on your WordPress website. We will schedule and maintain backups for your site, including daily database backups and full-site backups. All backups are stored offsite for security. We will also add the migration system with the help of which website migration will take only few minutes to restore your website.
You can submit a support ticket to our technicians for assistance with the following items:
- If you are facing issues to access your website front end or backend.
- Installing/configuring a plugin
- Make a small change to your theme
- Adding a new widget
- If you have locked yourself with failed login attempts or multiple 404 bans, we will reset your login.
- Any other configuration related issue to the security setup.
Priority Customer Support
Priority customers will get up to 15 support tickets a month. Plus you can talk to our technicians directly in case you need.
Frequently Asked Questions
Are my login details safe if i share it with your organization?
Your information and logins remains safe with us. We will not share your private data.
What if you loose my website data in case of something goes wrong during the audit?
We make a backup before any work is performed. So your website data is always safe with us in case there is anything wrong during the audits.
Is my website in safe hands?
All services are done from qualified WordPress experts.
What if my site got infected from your network or computer?
Our computers are behind a secured firewall.
How can i contact your team in case there are questions?
We’re available via phone, email and Skype to answer your questions.
What are the areas/ sections you will work on my website?
A thorough inspection of your server configuration, database, WordPress files, themes and plugins.
How i will know the items you performed?
Report of your website’s vulnerabilities and a complete report of all the tasks performed each month.
What are the Guarantees?
Due to new malicious scripts and ever-changing technologies, it’s impossible for us to guarantee 100% that your website will never be compromised in the future but it will definitely secure from all known holes and leaks.