Backup, Security and Performance Services

$35.00 / month and a $99.00 sign-up fee

We offer affordable yet comprehensive maintenance services to keep your site up-to-date and secure from hackers, spambots and other threats. Read the description below for all of the details.



The need

Over the past year, there has been a dramatic increase in hacking attempts on WordPress powered websites since it is the leading open source Content Management System (CMS) and is used by 27.2% of the top 10 million websites on the Internet. The WordPress ecosystem is a highly collaborative system which relies on thousands of volunteer programmers who constantly update the WordPress core as well as a huge repository of “plugins” (software apps/modules) with input from security experts and others. As a result, ongoing weekly updates, as well as uptime and security monitoring are essential components in keeping your website secure and functioning properly, especially in light of the recent increases in “brute force” and other attacks. To learn more, visit:

No site is completely immune from being hacked (as we have seen from recent news stories and wiki leaks revelations), however, our job is to make it difficult for hackers so they move on to someone else’s site that is less secure than yours. And if your site does get hacked, we’ll know about it instantly and be able to remove the malicious code and restore the site.

Why hackers do what they do:



Taken from:

 How do you know you’ve been hacked?

Clear indicators of a hack include:

  • Website is blacklisted by Google, Bing, etc.
  • Host has disabled your website
  • Website has been flagged for distributing malware
  • Readers complaining that their desktop AV’s are flagging your site
  • Contacted that your website is being used to attack other sites
  • Notice behavior that was not authorized (i.e., creation of new users, etc…)
  • You can visibly see that your site has been hacked when you open it in the browser: Examples:
    • Defacement – digital graffiti is found on your site
    • Links on your site that take you to another site
 Potential Repercussions

It depends on which of the above has happened, and if your site actively sells goods or services or not. If you make a living from your site, it can be very costly. At minimum, it’s a nuisance. It takes time and therefore money to remove the offending software/hack — sometimes upwards of 5-10 hours to root out all problems.

What we will do
  1. Daily and Weekly Backups: Backups are extremely important – not only in case your site is hacked but also to protect against errors caused by updates to the WordPress core software, plugins and themes. If your site was created by BentonWebs, we already do weekly backups to your hosting account but you also need a daily backup. And these backups need to be stored somewhere other than the same server that is hosting your website – in case your host’s server goes down or they inadvertently delete your site (which we have had happen previously). We’ll do that for you using Dropbox and we’ll keep 4 weeks of weekly backups.
  1. Weekly WordPress Core, Theme and Plugin updates: All these various forms of software are updated regularly to add additional features/functionality and to patch security holes. Hackers look for and often exploit vulnerabilities in the WordPress core code and within plugin and themes. Fortunately, WordPress developers and external security experts discover these vulnerabilities and notify the appropriate parties so they can release updates. However, your site needs to be updated as soon as possible after the patch/fix is released. These updates are now happening so frequently, that unless your site is being updated weekly, you are at much higher risk of being hacked. We will update your site to the newest versions of these apps on a weekly basis. If your site already has a staging domain or subdomain we’ll test the updates there first. If not, we’ll create a staging subdomain (provided this feature is supported by your host) so we can test updates there before pushing them to the “live” site.
  1. Security Hardening: We’ll install the leading WordPress security plugin – WordFence  – and tune it to make your site less vulnerable to potential hackers. This plugin features a variety of tools to harden your site: brute force attack (robots trying to guess passwords) prevention, firewall, etc. We’ll also set it up to scan for files that are not in the existing repository of WordPress core and plugin files so that if a hacker inserts malicious code (malware, spamvertizing, etc.) we’ll know about it and be able to remove it right away.
  1. Support, troubleshooting and removal of problems: This not only includes being hacked, but also unexpected issues that arise as a result of WordPress, Plugin or Theme updates. For example, one of our client’s site pages were turned into random illegible characters by an update to one of the plugins. Whenever this happens, it takes time to figure out what happened and fix it. We’ll do that as part of your monthly fee.
  1. Add SSL/TLS (https://):
    Using a secure connection is an important part of WordPress security. If your site starts with ‘https://’ and is green (in most browsers) or has a lock icon, that indicates it is using SSL/TLS. Signing in via HTTPS and having your visitors complete forms via SSL/TLS insures that your login information is sent encrypted across the network and that someone listening in can’t steal your or your clients’ username and password or data. Later this year, Google and Firefox will start giving a warning if someone fills out a form and the page is not SSL/TLS.If your site isn’t already SSL/TLS, depending on your host, this may involve purchasing an HTTPS certificate from a Certificate Authority. They cost anywhere from free to approximately $100 dollars/yr depending on what kind of certificate you buy and who you purchase it from. We will install the certificate if you have a hosting company that offers free SSL/TLS. If not, we can help you purchase it from your host and set it up for you. This setup is included in the $99 one-time setup fee.
  1. Performance and Security Optimization: The performance of your site – how fast your pages load – is very important. If people find your site, but it takes too long to load, your visitors are going to give up and go on to something else. Google knows this and therefore now includes site speed as one of their ranking factors. So, how do you speed up your site? By using a Content Delivery Network (CDN). A CDN speeds up your website by loading static resources (images, javascript files, html, stylesheets, etc.) from a data center nearest to your user, instead of from your web hosting server. Physical proximity has a very real effect on load times, so this can drastically improve your page load times. But it’s not just about speed – using a CDN also frees up your bandwidth by handling the transfer of most of your large files. A CDN also protects itself and all the data it stores as well as a website’s origin from any data breaches or internet hackers. The most common data threat are various forms of distributed denial of service (DDoS) attacks. A CDN has proper techniques for preventing, detecting and correcting different forms of DDoS attacks. Prevention measures such as HTTP load balancing have an always-on approach, making sites less vulnerable to attacks. Detection systems within a CDN look for suspicious behavior and highlight the need for additional investigation and action. An example of a detection might be a traffic surge in which case the CDN provider has systems in place to automatically notify those responsible for the website. Corrective measures such as secured DNS will block out unwanted requests while continuing to allow trustworthy requests to continue being served. Finally, if your server goes down, Cloudflare will serve your website’s static pages from their cache.

    We will set up the Cloudflare free plan for your website. Cloudflare is one of the top 5 CDN’s and has a free plan that covers many of the basics. We will tune it using the same settings we use for our own site.

  1. Uptime monitoring: We’ll install Jetpack, which provides monitoring of your website’s uptime and it will notify us if your site goes down so we can investigate and get it back up.