WordPress Security

The web is a fragile place. The bad news is that most businesses take almost no thought about the security of their site – until their site is hacked or spammed. The good news it that if you take basic security precautions now, the likelihood of your businesses losing revenue because of an attack becomes much lower.

With major security breaches and hacker strikes, there’s a lot to worry about on the web today. Many web users are concerned, and rightly so. This is where I can step in and help.

  • Point out the increase in attacks on WordPress and how much hacker activity is really out there. Show them the actual number of attacks and attempts on their site. Those numbers can be scary. But remember that your goal isn’t to scare people, your goal is to take care of it for them. Show them a problem exists and help them solve it.
  • Help them calculate how much their site is worth and what they’d lose if their site went down to hackers.
  • Compare online security to real world security as a simple cost of doing business. Clients put locks on their doors and install security systems to protect their income—they should do the same online.

1. Protection

First and foremost, you need to protect your clients’ sites. You need to roll out some security measures to stop the hackers, prevent the breaches and keep them safe.

2. Detection

Next you need to keep an eye on the perimeter and monitor what kind of shenanigans are going down on your clients’ sites. You need to know when attacks are happening, know when things are getting bad and if there might be potential vulnerabilities you can plug up.

3. Recovery

You need to be prepared to help your clients get back on their feet. No matter how good your security is, things happen. You need to be upfront with your client about this—no security is 100%. But you can help clean up. You can offer recovery and restoration services, from fixing hacks to completely restoring sites from a backup.

One-time security audit, and security monitoring setup

Monthly Security audit

Be Clear What You Offer

However you package your WordPress security monitoring, you need to make it clear what you’re offering and what you’re not. Your clients need to understand that there’s always a risk—selling WordPress security is about minimizing risk and allowing for quick recovery. You can’t promise perfect protection.

You should also make it clear what happens if your security measures fail and your clients’ site is hacked. You might need to bring in a security contractor to clean things up. Who pays for that? Is it part of your package or is it an additional charge? Make sure it’s clear upfront. You should either be charging more to cover the dreaded ‘what if?’ or your client should know the potential for additional costs.

  • Line up the extra services you’ll need, whether it’s off-site storage for backupor a security contractor to have on call (such as WP Security Lock orUnHack.Us).
  • Put together an educational piece to share basic security practices with your client—especially stuff you don’t have control over. This might be a PDF handout or you could create a series of short videos to walk clients through the basics of WordPress security.

Upsell the backup / combo package!