Hacker Free WordPress Security

We’re designed to make sure your sites are safe and secure.

Because of it’s popularity, WordPress has become a target for hackers and malicious users across the internet. We’re always on top of the latest WordPress security vulnerabilities and proactively block threats when we can. We work hard to make sure your sites are safe and secure.

No more WordPress security plugins
WPhost handles all WordPress security at the server level – this means there’s no need for any security plugins. Since conflicting plugins bring performance issues of their own, we recommend that you don’t even install them.

All WPhost plans now include our built-in global Content Delivery Network (powered by Fastly) for free. While most WordPress sites don’t need to worry about DDOS mitigation, Fastly’s high-bandwidth, globally distributed network is built to absorb DDoS attacks.

Keeping plugins up-to-date is one of the best ways to ensure your site is secure and running great! However, we know that managing plugin updates is time consuming and distracts from other valuable work that can grow your business. With WPhost Managed Plugin Updates you can get back to work and trust that your site will always be up-to-date and online. Enroling your site allows you to offload this tedious task!

New Zealand's only dedicated WordPress hosting NZ provider with CDN points strategically located in Auckland, Wellington and Christchurch
Google Cloud Platform

Security-focused WordPress hosting

How we work hard to keep your sites safe and secure:

Managed Updates

WPhost ensures your site is running the latest and greatest version of WordPress. Managed WordPress hosting means we handle all core WordPress updates for you so your WordPress software will always be up to date and secure.

Free Malware Removal

Nobody wants to have tasteless ads show up on their homepage. In the unlikely event that your site is hacked or compromised, our team of WordPress Experts will quickly and carefully undertake our free malware removal service and fix it!

WordPress Files Locked

On WPhost, nobody can overwrite your WordPress core files. Everything in your WordPress install is locked right down, aside from your custom content. What’s more, you don’t want your hard work getting wiped with every WordPress update!

Limited Login Attempts

We protect against brute force attacks at both the site and server level. All WPhost sites have a highly effective plugin installed to block repeatedly failed login attempts – this is highly effective at making brute-force attacks difficult to perform.

Intelligent IP Blocking

Our security systems use intelligent IP blocking to detect and block intruders across all sites on the WPhost network within seconds. Your site’s protected from hackers before they even try to attack!

2FA Authentication

We encourage you to set up Two-factor Authentication to verify your identity using your favourite third-party application. 2FA is virtually impossible for a hacker, so this is an extremely powerful security solution.

Infection Insurance

Unfortunately, there’s always a small chance hackers could find their way around your defence and some clients may want an extra level of assurance, and even greater peace of mind.

WordPress Infection Insurance

Infection Insurance is included free with all SilverGoldPlatinum, Custom and Agency plans:

In the event you find your site has been compromised, or your site is hacked, our WordPress Experts will jump in right away and get to work cleaning up the infection – for free! Alternatively, we’ll urgently restore the site to any of your 30 most recent backups.

Immediately following the cleaning of your site, our team will check your website’s blacklist status with blacklist authorities. A blacklisted site loses at least 95% of it’s traffic.

Finally, we’ll take a hacker’s view to bring you real time information about what plugins are vulnerable so you can act accordingly. Leveraging the WPScan Vulnerability Database, we’ll detect known security vulnerabilities and address issues such as CSRF (Cross-Site Request Forgery), XSS (Cross-site scripting) and RFI (Remote File Inclusion).

Security Insights

Knowing that a website has a known vulnerability is hard to ignore with WPhost's Security Insights. Stop being in the dark when it comes to your security.

The worst thing about malware is that it could be on your website for months without you even knowing. You need to be vigilant, proactive and check regularly for malware and known vulnerabilities. That’s where Security Insights comes in.

WPhost’s new Security Insights is a total game changer for your WordPress maintenance workflow – we’ll undertake integrity monitoring, vulnerability detection and malware scanning of your website.

Each month we’ll package up a report containing valuable security information, as well as an overview of all past security scans. We’ll also detect any security vulnerabilities and bring you real time information from the WPScan Vulnerability Database about what plugins are vulnerable. Stop being in the dark when it comes to your security.

Another feature of Security Insights is our secondary backup service. Every month, we’ll run a scheduled secondary backup of your website and keep it for 90 days. Our secondary backups are run in addition to your existing nightly backups, are incremental and are run off-site.

Security Insights