Protect Your Website With Our WordPress Security Hardening Service

Did you know that 42% of websites are made with WordPress? This also makes it the most hacked CMS system due to its popularity!

All Sites Need Security Protection

When it comes to owning a website you need to take security very seriously. A hacker doesn’t care if your website gets accessed by 1 person or 50 a day, Their aim is to target vulnerable sites that can be easily manipulated for their gain. This could be to make a financial gain or to make people aware.

By taking enhanced security steps now it will reduce the likelihood of this happening to you, instead of needing to pay even more to remove the malware.

Bronze Website Hardening

£ 150 / One Time

Login 2FA
SSL Certificate
Security Headers
Disable XML-RPC
Change Admin URL
Update PHP Version
Limit login attempts
Firewall Implementation
Disable directory browsing
Disable WordPress file editing
Change the WordPress Database Prefix
Malware Scan for existing issues

Order Now

Silver Website Hardening

£ 30 / Month

- One Time -
Login 2FA
SSL Certificate
Security Headers
Disable XML-RPC
Change Admin URL
Update PHP Version
Limit login attempts
Firewall Implementation
Disable directory browsing
Disable WordPress file editing
Change the WordPress Database Prefix
- Reoccurring Tasks -
Weekly Backups
Weekly Theme Updates
Weekly Plugin Updates
Weekly Malware Scanning
Weekly Patched Vulnerabilities

Order Now

Gold Website Hardening

£ 50 / Month

- One Time -
Login 2FA
SSL Certificate
Security Headers
Disable XML-RPC
Change Admin URL
Update PHP Version
Limit login attempts
Firewall Implementation
Disable directory browsing
Disable WordPress file editing
Change the WordPress Database Prefix
- Reoccurring Tasks -
Daily Backups
Daily Theme Updates
Daily Plugin Updates
Daily Malware Scanning
Daily Patched Vulnerabilities

Order Now

How Do We Enhance Your WordPress Security?

Why Do I Need Your WordPress Security Service?

Did you know that 42.60% of websites on the internet are made with WordPress? This also makes it the most hacked CMS system due to its popularity!

You might be thinking why should I enhance my WordPress security, I have a small personal website that attackers won’t have any interest in. Unfortunately, that’s not the case, hackers run website crawlers and botnets to find websites that can be easily hacked through vulnerabilities then inject malware even if your website is small.

Our service is to make sure this minimises the risk of this happening by fixing already known WordPress issues and hardening your security, setting the correct file permissions. Each plugin you install increases the risk of your website being hacked as the plugin itself can have vulnerabilities which is why it is important to do this process sooner rather than later!

Free WordPress Security Audit

Security Plugins We Recommend

To make your WordPress website even more secure we recommend using at least one of these WordPress security plugins. If you are security freaks like us we use each plugin for different purposes in case another plugin misses a vital attack.

Even though these are the best WordPress security plugins on the market they can all sometimes miss an attack which is why we have more than one enabled.

Each plugin has its own niche features that are handy for every WordPress owner when it comes to security!

Wordfence

WordFence security scanner checks core website files, plugins, and themes for malware, backdoors, spam, code injections, and bad URLs. The scanner also compares your website with WordPress.org repository and identifies any common security vulnerabilities. This safety check allows you to be secure and avoid any harmful URLs.

Wordfence security screenshot

Defender

Adding Defender to your WordPress website will help protect it from a variety of different attacks, including brute force attacks, SQL injections, cross-site scripting, and more. Defender will help keep your website safe with malware scans, antivirus scans, IP blocking, firewall, activity log, security log, and two-factor authentication login security.

Wordpress defender plugin screenshot conor bradley digital agency

Sucuri

The Sucuri WordPress plugin is available for free installation in the WordPress repository. It comes with features that help to keep your website protected, including hardening features, malware scanning, core integrity check, post-hack features, and email alerts.

Wordpress sucuri plugin screenshot conor bradley digital agency

iThemes Security

The plugin provides a real-time WordPress security dashboard that monitors security-related events on your site around the clock. The iThemes Security Dashboard is a dynamic dashboard that will show you all of your WordPress website’s security activity stats in one place. This will include stats on brute force attacks, banned users, active lockouts, site scan results, and user security stats.

Wordpress ithemes plugin screenshot conor bradley digital agency

Simple rules:
It doesn’t work in editor. Preview in Browser for changes!
Add as many accordion items as required.
Every accordion item panel should house only one image!
Open the Elementor Navigator to see the structure and find out required custom class names.
You should define “min-height” of the Inner Section with the custom class name “.ob-img-switcher-wrap” (prevents the adjacent content jumps).
Delete this hidden Text Editor widget once you got the point 🙂

How it works?
Insert any photo from the Media Library to the accordion content panel. That very photo shall become hidden in front-end but visible on-click in the neighbor column.

It’s good idea to make all the images equal size (w/h).

All the required CSS and JavaScript code belongs to Elementor’s Custom Code file, see:
Dashboard > Elementor >Custom Code :: Accordion Image Swapper (OoohBoi)

WordPress Security Tips

Frequently Asked Questions

What Is 2FA?

2FA is an abbreviation for Two-factor authentication. It is a type of multi-factor authentication that strengthens access security by needing two methods to verify your identity. Usually a username:Password & a device.

What Is Brute Force Protection?

A brute force attack uses trial-and-error to guess information its trying to crack. This is usually a login form for a website to gain access to a users account.

What Are Security Headers?

Security headers are used by websites to configure security defenses in web browsers. An example would be the Content-Security-Policy header as it helps prevent attacks such as Cross Site Scripting (XSS) and other malicious code injection.

How Many Security Headers Are There?

Content-Security-Policy
X-XSS-Protection
HTTP Strict Transport Security (HSTS)
X-Frame-Options
Expect-CT
Feature-Policy
X-Content-Type-Options

What Are WordPress Default File Permissions?

All files = 664.
All folders = 775.
wp-config.php = 660.

What Website Information Will You Need For Your WordPress Security Service?

To fully complete our service we will need to access to your websites cPanel account to make changes to your WordPress file system. We will change your wordpress password when we need to access the dashboard of your website meaning we will never know your password. After our service is complete we will then ask you to change it back.

Why Should I Delete Unused Plugins?

By having plugins on your website you don’t use, It increases the chance of your site been hacked as each plugin can have the same or a different vulnerability inside.

How Long Does This Process Take?

Depending on the size of your WordPress website our process takes around 1-5 Days to complete as we do it manually.

Can This Break My Website?

Before we start our service we backup your entire website incase anything goes wrong. It is very unlikely that your website will break however if the unthinkable was to happen we can restore its last state.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-functional	1 year	The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
elementor	never	This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.

Cookie	Duration	Description
_gat	1 minute	This cookie is installed by Google Universal Analytics to restrain request rate and thus limit the collection of data on high traffic sites.
_p_hfp_client_id	past	Elfsight sets this cookie to implement social platforms on the website and enables the social platforms to track the users by assigning them a specific ID.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_B7L2TQQ5VB	2 years	This cookie is installed by Google Analytics.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
_hjAbsoluteSessionInProgress	30 minutes	Hotjar sets this cookie to detect the first pageview session of a user. This is a True/False flag set by the cookie.
_hjFirstSeen	30 minutes	Hotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user.
_hjIncludedInPageviewSample	2 minutes	Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's pageview limit.
_hjIncludedInSessionSample	2 minutes	Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's daily session limit.

Cookie	Duration	Description
_hjSession_2985993	30 minutes	No description
_hjSessionUser_2985993	1 year	No description
twk_idm_key	session	No description

Protect Your Website With Our WordPress Security Hardening Service

All Sites Need Security Protection

Bronze Website Hardening

Silver Website Hardening

Gold Website Hardening

How Do We Enhance Your WordPress Security?

Adding 2FA

Brute Force Protection

Running Our Security Scan

Changing Database Prefix

Changing Admin URL

Disable XML-RPC

Changing File Permissions

Content Review

Final Hardening

Why Do I Need Your WordPress Security Service?

Free WordPress Security Audit

Security Plugins We Recommend

WordPress Security Tips

Use Secured Website Hosting

Install WordPress Latest Updates

Enable 2FA On All Accounts

Keep Themes & Plugins Updated

Lock WP-Admin & HTAccess Files

Frequently Asked Questions

Have Any Questions?
Don’t hesitate to contact us.

Products & Services

Products & Services

Products & Services

Company

Legal

Resources

Protect Your Website With Our WordPress Security Hardening Service

All Sites Need Security Protection

Bronze Website Hardening

Silver Website Hardening

Gold Website Hardening

How Do We Enhance Your WordPress Security?

Adding 2FA

Brute Force Protection

Running Our Security Scan

Changing Database Prefix

Changing Admin URL

Disable XML-RPC

Changing File Permissions

Content Review

Final Hardening

Why Do I Need Your WordPress Security Service?

Free WordPress Security Audit

Security Plugins We Recommend

WordPress Security Tips

Use Secured Website Hosting

Install WordPress Latest Updates

Enable 2FA On All Accounts

Keep Themes & Plugins Updated

Lock WP-Admin & HTAccess Files

Frequently Asked Questions

Have Any Questions?Don’t hesitate to contact us.

Products & Services

Products & Services

Products & Services

Company

Legal

Resources

Have Any Questions?
Don’t hesitate to contact us.