A newborn website designed by Tall Poppies Design is perfection. It lives, breaths and functions just the way we want.

For now.

No matter how big, small, bustling or quiet your business is, hackers are on the prowl to infest your site with evil germs. It doesn’t matter how under-the-radar your site is. Hackers would love to get their hands on it. And, trust me, they’re trying. Right. This. Second.

The last job title you need is “security guard.”

You already wear too many hats to run your business.  Plus, I hear you: “Where do I even start to keep it safe and secure?” “How do I know when I’ve been hacked?” “Malware, brute force, 404 errors. WTF. What does it all mean?!”

You shouldn’t have to worry about this.

That’s why I am now offering Tall Poppies TLC Website Maintenance.

When we built your site together, I invested so much creativity, energy, and have intense pride in your site. I want to protect it as badly as you do. I feel very strongly that my reputation is on the line as much as yours when it comes to the health and sanity of your website.

This peace-of-mind package includes:

  • Complete security audit
  • Superior security software to barricade hackers and their malware
  • Hacker and malware activity monitoring (like I said, they’re trying to get into your site right now)!
  • Ongoing security upgrades to keep pace with evolving hack attacks
  • Website back-ups filed in a secure vault
  • Regular WordPress software, plugin, and Thesis theme updates
  • Tweaks to fix the little tear-your-hair-out incompatibilities that arise from those updates!
  • Special hourly rate for all other website updates!
  • Free hack repairs (just in case...)

Why is this service so damn important?

Over 30,000 sites are hacked. Every. Single. Day. That’s 11 million websites compromised every year! How much money will you lose if your site get’s taken down?

Some hacks are blatant:

One day your customers arrive on your site and see that your site no longer exists and, instead, in it’s place is a grotesque pornographic site; or perhaps it’s plastered with crime scene tape and a mad-man is not-so-politely demanding your bank account details and first born child; or it’s beaming invitations to don a mask, a cape, and to come stir up the peace of planet earth.

Some hacks are more sneaky and sinister:

One day your customers pop into your site and sneaky little shopaholic web ninjas start stalking them, and running off to play with their credit cards. You will have no idea that your site was the source of the calamity. Hackers can also hijack your site to send spam and download viruses onto your customers’ computers.

Do you really want that blood on your hands?

Some hacks cause a lifetime of distress:

Google gets mightily pissed off if your site is spreading evil viruses and malware, and they will plonk you at the very back of the line in the search results. Years and years of working on your site’s search engine rank will be flushed down the drain.

And there’s no quick fix. Have you ever spoken to the help desk at Google? No. That’s because there isn’t one.

Hackers don’t discriminate:

Cyber criminals have automated scanning tools scouring the web looking for websites to infect to deploy their malicious code. Their target could be a personal blog, a small business website or a massive news site. Wherever there is vulnerability they will happily capitalize on it to spread their wares.

How do hackers get in:

Any way they can. They are clever little crazies and will stop at nothing. They may simply code computer programs to try every single password imaginable to enter your site. They find weak spots in WordPress, in plugins, and in your Theme’s code. They share their secrets with fellow hackers too. They are constantly learning and evolving their mad hacking skills and will stop at nothing.

If my site gets hacked, can't I just ask you, or my host, to restore a backup...

Yes and no. Before we answer this, first off, are you running backup software that schedules and runs backups regularly? Are the backups saved to your site's hosting account or elsewhere in the cloud, because if it's the former the backup files could be infected with the virus too.

Back to your question: Yes, restoring your site from a backup will make the problem go away temporarily. But if you determine how the hackers broke in and block them from getting in that way, you will typically just get hacked again within the day or two after you restore your site.

A few FAQs about hacks:

What are common causes of WordPress hacks?

The most common causes of WordPress hacks is running old versions of WordPress, old or unsupported plugins/themes, or shoddy code customizations.  That said, WordPress core intentionally leaves a number of security vulnerabilities in place (as do all CMS systems) because plugging those security vulnerabilities is either a different process for different hosting platforms or will likely cause side effects with a common collection of plugins and themes. If you’re afraid to run updates because it can break things or don’t know what to do, then let us be your peace of mind and take care of it for you.

Arn't there automated tools for fixing hacks?

Yes and no. Yes, there are tools that can identify and remove hacked files, but those tools won’t also fix the source of the hack and that means the hackers will be back and will just hack your site again. What we provide differs as we not only clean up the initial damage, but also stick with you to determine the cause of the hack so we can block the hackers from getting back into your site again. Especially if you’re running ongoing SEO or marketing campaigns, it is crucial to make sure you don’t keep getting hacked over again.

If I get hacked once, will I get hacked twice or thrice or?

During the repair process, it is possible to get hacked again, but once we’ve identified the cause of the hack and blocked it, you won’t be able to be hacked again unless another cause arises that is not quickly addressed. In addition to repairing the hack, we can also monitor and address such issues for you on an ongoing basis so you don’t even have to think about the security components of your site.

So, can you prevent these repeat attacks?

Yes. Once we have identified the cause of the hack, we can block it. As technology changes, though, other security holes may pop up, so it’s important to stay on top of the security on your site all the time. If you like, we can handle that ongoing maintenance for you as well so you can focus on what matters most to you – running your website rather than fixing it.

If I do get hacked (touch wood!), how long will it take to fix?

That depends on the hack. In most cases it can be fixed within a day or two. But when you’ve been hacked by a savvy hacker, it can take more time to determine how they’re breaking in and to block them.

Features of TLC Website Maintenance:

Scheduled Malware Scanning

Malware is often disguised or embedded in non-malicious files, so you may not know your site is infected. Hackers use malware to gather sensitive information and get unauthorized access to your site. Know your site is malware-free with scheduled malware scanning.

Brute Force Protection

Limit the number of failed login attempts allowed per user. If someone is trying to guess your password, they'll get locked out after a few tries.

File Change Detection

If someone manages to get into your site, they'll probably add, remove or change a file. Get email alerts showing any file changes so you know if you've been hacked.

404 Detection

If a bot is scanning your site for vulnerabilities, it will generate a lot of 404 errors. We will lock out that IP after the limit you set (20 errors in 5 minutes by default).

Strong Password Enforcement

Set which level of users on your site (admins, editors, users, etc.) need to have strong passwords. This is one of the best ways to secure your site.

Lock Out Bad Users

Keep bad users away from your site if they have too many failed login attempts, a lot of 404 errors or if they're on a bot blacklist.

Hide Login & Admin

You can change the URL of your login area and admin area so attackers won't know where to look.

Entire Site Backups

We schedule and run backups of the entire site, and the WordPress database backups and have them stored in a secure location in the cloud.

And all of your website’s software updates

WordPress releases small, medium, and large updates regularly. Some simple make WordPress easier and more fun to use. Most help protect the site against massive security vulnerabilities. The same goes for your plugins, and the Thesis them.

It is important to keep WordPress and these other pieces of your website puzzle up-to-date. Unfortunately, sometimes when you click update, your site breaks in half. We make sure this doesn’t happen; and we fix it when it does.

Your website’s software licenses annual renewal fees

When I built your site, we included several premium (a.k.a ‘paid’) tools to make it look and work beautifully. These tools require new licenses every year in order to get these aforementioned feature and security upgrades. The fees to upgrade the software are included in the TLC maintenance packages.

Special rates on website updates…

I want nothing more than for you to love making updates to your site, and that’s why I empower you with website training, and a suite of training videos for you to reference any time you like. However, I also know that you don’t always have time to do it all.

So, I’m more than happy to do it for you.

If you sign up for TLC maintenance services, I will also extend to you a discounted hourly rate of $115/hour for any website updates you want made, such as adding new photos, testimonials, updating text etc.


Sign up now.

  • $99-$129 per month for a one year term
Join Now


A few more things to note...

What happens if I don’t sign-up?

I won’t scare you with all the “what if’s” that will arise if you ignore your site’s security needs. You can certainly take care of some of these maintenance tasks yourself, if you have time and the bravado.

Here are some tools that we highly highly highly recommend for you to secure your site yourself. These are all included (and so much more) in our TLC Maintenance package (not counting all the hard-yakka, and super hero tech skills it takes to update plugins, WordPress etc):

  • Purchase our one-time lock-down for $349
  • Automate back-ups with the Backup Buddy plugin ($80/year)
  • ithemes Security Pro ($80/year)
  • Cloud storage for your backups such as ithemes Stash ($35/year)
  • And if your site gets hacked, budget a minimum of $250 for a repair

Also, many of the tools I use in my sites are premium and have annual fees tied to them. If you don't opt-in to our TLC maintenance services, and want to use these cool tools you will need to purchase your own licenses after the first year (and we'll contact you around the time they're expiring). Here is a sampling of the premium tools we include in our website packages:

  • Thesis theme (we cover the cost for the first year; $89/year)
  • Gravity Forms ($39/year)
  • ithemes plugin suite for slideshows ($150/year)
  • Popup Aly ($97/year)
  • WishList Member ($99/year)
  • And many more...

Does this TLC maintenance package include content updates?

No, just software updates. However, if you sign up for TLC maintenance services, I will also extend to you a discounted hourly rate of $115/hour for any basic website updates you want made, such as adding new photos, testimonials, designing new banners, updating text etc.

I haven’t included these update services in the TLC package because I don’t want us to become beholden to each other when it comes to time and services. You don’t want to have to make updates when you don’t need them; I don’t want to owe you time if you don’t use it each month. Let’s keep this a la carte! I’m just a click away when you need help!


Sign up now.

  • $99-$129 per month for a one year term
Join Now