WP Pirates

Services & pricing

Maintenance, emergency, performance, and security — all delivered by the same engineer.

Plans start at $149/month, month-to-month, no lock-in.

Maintenance plans

Bundled retainers. Cancel any month, no contract.

Essential

Hands-off maintenance for low-traffic sites.

$149 /month
  • Core / plugin / theme updates (monthly)
  • Daily off-site backups
  • Uptime monitoring
  • Monthly written health report
  • Email support, 24h response
Get started
Most popular

Growth

Maintenance + performance + security for sites that drive revenue.

$349 /month
  • Everything in Essential
  • Weekly staging-tested updates
  • Performance tuning quarterly
  • Wordfence Premium / Patchstack monitoring
  • Same-day support, urgent: same-day response
  • 1 small change request per month
Get started

Premium

Mission-critical sites with a contractual emergency SLA.

$799 /month
  • Everything in Growth
  • Emergency response with contractual 30-minute SLA
  • Monthly performance + security audit
  • Up to 2h of dev work per month
  • Quarterly strategy call
  • Dedicated incident channel
Talk to me

Need a one-off audit or emergency help instead? Skip the plan and just send me your site URL.

The four service pillars

Pick à la carte or bundle into a plan. Each pillar has a dedicated page with full scope and pricing.

WordPress Maintenance

Full page →

Keep your site updated, monitored, and backed up — without you ever logging in.

What's included

  • WordPress core, plugin, and theme updates (staging-tested)
  • Daily off-site, encrypted backups (30-day retention)
  • Uptime monitoring with alerts
  • Database optimization and cleanup
  • Monthly written health report

Not included

  • Net-new theme or feature development
  • Content writing or design work

Emergency Help

Full page →

Site down, hacked, or broken after an update? Triage starts immediately.

What's included

  • Hacked-site recovery and malware removal
  • Downtime diagnosis and restore
  • Broken-update rollback
  • Database and file restoration from backup
  • Post-incident report with what happened and how it's prevented next time

Not included

  • Forensic investigations for legal proceedings
  • Third-party platform recovery (Shopify, Webflow, etc.)

Performance Solutions

Full page →

Get into Core Web Vitals 'Good' territory and stay there.

What's included

  • Lighthouse + CrUX audit, prioritized fix list
  • Caching configuration (page, object, edge)
  • Image and media optimization (WebP/AVIF, lazy loading)
  • CSS/JS unused-code removal and deferral
  • Core Web Vitals tuning: LCP, INP, CLS
  • Database and slow-query tuning

Not included

  • Theme or plugin redevelopment from scratch
  • Re-architecting headless / decoupled stacks

Security Solutions

Full page →

Hardening, monitoring, and incident response for WordPress.

What's included

  • Security audit with prioritized hardening checklist
  • WAF / firewall configuration (Cloudflare, Wordfence Premium)
  • Login protection: 2FA, login throttling, custom login URL
  • File integrity and malware monitoring
  • SSL / HSTS / security header setup
  • User role audit and least-privilege cleanup

Not included

  • Penetration testing for compliance frameworks (SOC 2, ISO 27001)
  • DDoS mitigation beyond Cloudflare's standard tier

How an engagement works

Whether it's a one-off audit or a long-term retainer, the first 4 steps are the same.

1

Send your URL

Fill in the form, tell me what's going on. No call required to start.

2

Written assessment

Within 1 business day: scan results, top issues, prioritized fixes, plain-English summary.

3

Quote & scope

You get a written scope and a fixed fee or plan recommendation. No surprises after.

4

Implementation

Staging-first work, change log shared as it lands, post-engagement report.

Frequently asked questions

Don't see your question? Just ask.

Are these prices final or 'starting at'?

These are the standard plan prices. Sites with unusual stacks (multisite, headless, heavily customized WooCommerce) get a custom quote, but I'll always tell you up front if a custom quote is needed instead of bait-and-switching after onboarding.

Can I just hire you for a one-time fix without a maintenance plan?

Yes. Performance audits and security hardening can be one-off projects. Emergency help is also priced per incident. Full pricing is shared after the initial assessment.

What hosting do you support?

Anything that gives me SFTP/SSH and database access: WP Engine, Kinsta, Pressable, Cloudways, SiteGround, ServerPilot, plus self-managed VPS / DigitalOcean / Hetzner / etc.

Do you support WooCommerce / multisite?

Yes — WooCommerce is a regular part of the work. WordPress multisite networks are supported, but priced as a Premium plan minimum due to operational complexity.

What if you can't fix the issue?

Then I tell you, refund the assessment fee if any was paid, and point you to a specialist. I'd rather lose the deal than take it under false pretenses.

Do I need to give you full admin access?

I get my own named admin user, audit-logged. When the engagement ends, that account is removed. Shared credentials are never used.

How do you handle change requests?

Growth includes 1 small change/month, Premium includes up to 2h. Beyond that, dev work is billed in 30-min increments at my hourly rate, agreed before work starts.

Cancellation policy?

Month-to-month, cancel any time before the next billing cycle. No annual lock-in.

Ready to take WordPress off your plate?

Send me your site URL — written assessment back within a business day, no obligation.

Request your free assessment Read the full FAQ