Monthly updates, continuous monitoring and incident response within 24 hours. Most incidents I catch before you see them. The rest I fix the same evening. From €45 per month, no long-term contract.
What's included
No fine print. This is in every plan, from the base level.
All updates rolled out monthly, with staging-test on major versions. No automatic updates that break your site.
Continuous file integrity checks, abnormal traffic patterns, and plugin-CVE feeds. I get the alert before you notice anything. Backed by GuardingWP server-side scans for the attacks that WP-level scanners miss.
Daily off-site backups of database and files, 30-day retention. Restore within one business day in case of incident.
Image optimization, caching, lazy loading and database cleanup. Goal: load times under 1.5 seconds.
Brief summary of what was done, any alerts, and performance. No long PDF, just the facts.
Hacked, suddenly slow, strange behaviour? I respond within 24 hours, usually the same evening after 17:00 NL time. Cleanup, finding backdoors, closing the entry point, re-establishing monitoring, all included in the monthly fee. For online stores with hourly revenue, 24 hours is too slow, I refer those elsewhere.
Why WordPress maintenance matters
According to research by security firm Patchstack, the vast majority of hacked WordPress sites are running outdated plugins or themes with known vulnerabilities. The fix? Timely updates, a solid backup and periodic security checks. That's exactly what WordPress maintenance does. The full routine, including what you can safely skip, is in my WordPress maintenance checklist.
Want to know how your site stands first? GuardingWP runs a free scan against 11 vulnerabilities, instant results, no account needed.
Frequently asked questions
Monthly core and plugin updates, continuous monitoring with alerting, automatic backups, broken-link checks, a performance report, and incident response within 24 hours if something goes wrong. Small content tweaks fall within the hour budget.
Incident response is included in all plans. I respond within 24 hours, usually the same evening after 17:00 NL time, because I work on another project during the day. Concretely: cleanup, finding backdoors, closing the entry point, and re-establishing monitoring. For online stores with hourly revenue, 24 hours is likely too slow, so I refer those to Sucuri or Patchstack (24/7 emergency). For all other WordPress sites, this is more than enough.
Base plan starts at €45/month for one WordPress site (updates, backups, security). With hour budget for changes from €95/month. Prefer one-off jobs? That works too, no fixed commitment.
Outdated WordPress sites are the leading cause of hacked websites. Roughly 96% of WordPress hacks exploit a known vulnerability that was already patched. Timely updates prevent this and keep the site fast.
Yes, that's actually the most common scenario. I get access to your hosting and WordPress, do a baseline audit, and take it from there. No migration required.
Yes. A short monthly report with what was updated, any security alerts, and how the site performs. No long PDF, just the relevant info.
Sometimes that's the smarter choice, especially if the current site is slow, poorly maintained or hard to update. Read more about getting a new website built.
Ready to hand off your WordPress?
For sites that aren't (yet) in trouble. A 30-minute audit: updates, security, speed, hosting. Followed by honest advice, maintain with me or not. No sales pitch.
Site hacked or behaving strangely?
Fill this in briefly. I get the notification on my phone. Response within 24 hours, usually the same evening after 17:00 NL time. No auto-reply, no sales pitch. For online stores with hourly revenue: call Sucuri or Patchstack instead, they have 24/7 emergency response.