Loading…
Updates, daily backups, real-time threat detection and incident response — looked after by the team that builds the security plugin, writes the CVE analysis and holds the Cyber Essentials certificate. From £89/month.
We'll honestly tell you which one fits on the discovery call. No bundling unlimited hours we can't actually staff, no hidden fees, no long contracts.
Set and forget
Hands-off maintenance and security for brochure sites, sole traders and small portfolios.
+ £249 one-off onboarding
Looks after itself
The sweet spot for SMBs running lead-gen, bookings, forms or membership sites.
+ £249 one-off onboarding
Mission-critical
For e-commerce, agencies and sites where downtime or breach is genuinely expensive.
+ £249 one-off onboarding
Bespoke retainer
Multi-site portfolios, complex WooCommerce, or organisations needing CE Plus prep.
+ onboarding scoped per engagement
All prices ex. VAT. 30-day notice to cancel. Read the small print.
Eight services that protect, maintain and improve your site every week — without you having to think about it.
Real-time threat detection via Obsyde Aegis. SQLi, XSS, brute-force and bot attacks blocked at the WordPress layer; auto-blocking tiered from 1 hour to permanent.
Encrypted backups stored away from your host. 30-day retention as standard, 90-day on Business+. One-click restore if anything goes wrong.
Core, plugin and theme updates applied weekly with a staging-first workflow on Pro and above. Visual regression checks for critical pages before going live.
5-minute external checks across multiple regions. We're alerted before you are — and you get a real human looking at the cause, not just a Slack ping.
Quarterly Core Web Vitals review, image optimisation, cache tuning, database cleanup. We track real-user INP/LCP, not just synthetic scores.
Malware removal, root-cause analysis, full rebuild from clean backup, and a post-incident report you can share with stakeholders or your insurer.
Pro and above get a dedicated staging clone so we can test plugin updates, theme changes or your own dev work without risking production.
UK time zone, response from someone who actually knows your stack. No tier-1 script reading, no ticket trees, no being told to clear your cache.
Most WordPress care shops bolt on a third-party security plugin and call it a day. We built our own.
We hold UK government Cyber Essentials certification ourselves — not just talk about it. Clients in regulated supply chains can list us as a CE-aligned provider.
We write CVE analysis the day vulnerabilities drop and run a live threat-detection product. Your site benefits from research-grade security, not template care plans.
Every plan includes our own real-time security plugin (worth £14.99–£29.99/mo on its own). Same dashboard you'd buy direct — plus a human running it for you.
Strict hour caps. Clear scope. No bundling unlimited support hours we can't actually staff. The boring promise: we deliver what we said we would, and tell you early if scope creeps.
Whether you're on a care plan or not, we'll help with one-off engagements.
£249
one-off
Site audit, migration prep, security baseline, monitoring setup. Required for all new clients.
From £799
one-off
Malware removal, root-cause analysis, clean rebuild and a post-incident report. Same-day start.
£349
one-off
Full Core Web Vitals audit, caching strategy, image pipeline, database tuning. 15-page report + implementation.
£1,200
one-off
End-to-end Cyber Essentials readiness for your business. Gap analysis, remediation, assessment paperwork.
£499
one-off
Payment gateway, tax, shipping zones, GDPR cookie banner, abandoned cart recovery, transactional email.
£85
per hour
Beyond your tier's allowance. Bookable in 30-minute blocks. No minimum commitment.
Four steps. Two weeks from first call to fully managed.
30-minute call to understand your site, business and risk profile. We'll honestly tell you which tier fits.
We audit hosting, plugins, theme, backup state, security posture and Core Web Vitals. You get the report whether or not you proceed.
Aegis installed, backups configured, monitoring wired up, staging set up (Pro+), and a baseline snapshot taken.
Weekly updates, daily backups, monthly report. Real human on the other end of any incident, every time.
More questions? Get in touch — real answers, no sales pitch.
No. We manage your site wherever it lives — SiteGround, Krystal, Kinsta, WP Engine, Cloudways, shared hosting, your own VPS. If hosting becomes the bottleneck we'll tell you honestly and recommend a move, but we don't earn commission either way.
Essential and Pro tiers include emergency triage and clean restore from your latest backup. Business and Enterprise include full hacked-site recovery (malware removal, root-cause analysis, post-incident report) at no extra cost. Non-clients can engage us for emergency recovery at the rates listed in our add-ons.
Yes. All monthly plans are rolling — cancel with 30 days' notice. No long contracts. The onboarding fee is non-refundable because we do the work upfront, but the recurring care doesn't lock you in.
Because every plan includes our Aegis security platform (which retails separately from £4.99 to £29.99 per month), and because we're cybersecurity practitioners running this hands-on, not a queue of junior support staff. If you're price-sensitive and the security angle isn't critical for you, generic maintenance shops at £29–£49 a month exist and that's a fair fit — we just don't pretend to compete at that tier.
Small text updates, swapping images, publishing a blog post you've drafted, fixing a broken link, updating opening hours, adding a new staff profile. Anything bigger — page redesigns, custom development, new templates — is billed against your tier's dev hours allowance or charged at £85/hour.
Yes — Business and Enterprise tiers include WooCommerce-specific monitoring (failed payments, abandoned cart health, transactional email delivery). WooCommerce setup and migrations are available as a one-off add-on.
Overage is billed at £85/hour in 30-minute blocks. We'll always email you for approval before going over your allowance — you won't get a surprise invoice. Unused dev hours on Business and Enterprise tiers roll over one month.
We're Cyber Essentials certified ourselves and can prepare your business for certification (gap analysis, remediation, assessment paperwork) as a £1,200 one-off engagement. We don't currently act as a certifying body — we partner with IASME-licensed assessors for the formal certification step.
30-minute discovery call, free site audit whether or not you proceed, and an honest tier recommendation. No pressure, no sales script.
30 minutes. No commitment. We'll audit your site for free either way.
Start a ConversationHacked-site recovery starts from £799. Same-day start — contact us now.
Recovery Help