WordPress maintenance, done every week
Core, plugins, themes, database, backups, security: WordPress maintenance is a weekly discipline, not a yearly panic. UK engineers run the routine so updates never take your site down.
What actually happens to your site each week
Backup, then update in order
Fresh backup first, restore point confirmed. Then core, plugins and themes updated in a controlled sequence, with changelogs read, not just buttons clicked.
Check what the update touched
Key pages, forms and checkout loaded and eyeballed after every run. If an update misbehaves it gets rolled back or fixed the same day, not discovered by a customer.
Housekeep the machinery
Database optimised, revisions and transients pruned, wp-cron verified, security scans reviewed, abandoned plugins flagged. The dull work that keeps WordPress fast and safe.
The maintenance jobs generic services miss
Anyone can click "update all". Real WordPress maintenance services deal with the platform's quirks before they become outages.
WooCommerce compatibility
WooCommerce publishes a compatibility matrix for WordPress and PHP versions, and every extension lags it differently. We check the matrix before updating shop sites, never after.
Plugin abandonment watch
Plugins quietly die: no updates for a year, or removed from the repository for security reasons. We monitor for both and plan replacements before the risk lands.
wp-cron reliability
WordPress's visitor-triggered scheduler misses jobs on quiet sites and hammers busy ones. We wire it to a real server cron so scheduled posts, emails and backups run on time.
Database optimisation
Post revisions, expired transients and bloated autoloaded options slow every page load. Monthly database housekeeping keeps queries quick as the site grows.
PHP version management
PHP 8.1 security support ended in December 2025. We track what your theme and plugins can safely run and manage the upgrade on staging before your host forces it.
Backups that restore
Daily off-server backups, test-restored regularly. Host backups sitting on the same server as the site are not a disaster recovery plan.
Learn moreWhat breaks when the routine stops
Every rescue job was once a skipped update
Skipped weeks turn into rescue jobs
Outdated plugins cause the majority of WordPress hacks, and attackers scan for known vulnerabilities within days of each disclosure. Skip the routine for six months and you are also six months of compatibility drift behind: the eventual catch-up update becomes the thing that breaks the site. We see the endgame weekly in our WordPress support queue: hacked sites, white screens after bulk updates, checkouts broken by an untested WooCommerce update.
- Hacked site cleanup costs more than a year of Essential Care
- A failed update with no tested backup can mean days of downtime
- 43% of cyber attacks target small businesses, and unpatched plugins are the way in
WordPress maintenance plans
All plans include the full weekly routine. Higher tiers add development time and faster response. Prices exclude VAT.
Essential Care
For brochure sites that need to stay updated, backed up and online.
£59 /month
£590 /year
- Weekly core, plugin and theme updates
- Daily off-server backups
- 24/7 uptime monitoring
- Security scanning and hardening
- Monthly health report
- Email support, next business day
Professional Care
For business sites where downtime costs money. Our most popular plan.
£119 /month
£1190 /year
- Everything in Essential
- 60 minutes of development time every month
- Same-day emergency response
- Speed and Core Web Vitals monitoring
- Monthly accessibility scan
- Phone and email support, 7 days
Premium Care
For ecommerce and high-traffic sites that need a proactive team on call.
£249 /month
£2490 /year
- Everything in Professional
- 3 hours of development time every month
- Priority 2-hour emergency response
- WooCommerce and payment testing
- Quarterly SEO and conversion review
- Direct line to your engineer
All prices exclude VAT. Cancel monthly plans any time. Secure card and Direct Debit payments powered by Stripe.
Is your website slower than your competitors?
Run a real Lighthouse speed test free. See your scores and the exact fixes that would make your site faster.
Frequently asked questions
What is included in WordPress maintenance?
Weekly WordPress core, plugin and theme updates, daily off-server backups, database optimisation, security scanning, uptime monitoring and a monthly report. We also do the WordPress-specific housekeeping most services skip: checking for abandoned plugins, verifying WooCommerce compatibility before updates, and keeping wp-cron and PHP versions healthy.
How often should WordPress be updated?
Weekly is the right rhythm for most business sites. Security releases need applying within days of publication, because attackers reverse-engineer patches and scan for unpatched sites almost immediately. Waiting for a monthly or quarterly visit leaves a window you do not want. Our cycle runs every week, with emergency patches applied sooner.
What happens if I never update WordPress?
The site keeps working, right up until it does not. Known plugin vulnerabilities accumulate and outdated plugins cause the majority of WordPress hacks. Meanwhile PHP moves on underneath: hosts force-upgrade eventually, and untested themes and plugins break when they do. Update debt also compounds, so a two-year catch-up is a risky, expensive project instead of a routine.
How much do WordPress maintenance services cost in the UK?
UK prices range from about £30 a month for automated-only updates to £300+ for plans with development time. Ours are £59, £119 and £249 a month excluding VAT. The difference from cheap automated services is that a human checks the site after every update run and fixes what an update breaks as part of the plan.
Should I just turn on automatic updates for everything?
Auto-updates are better than nothing, but they update blind: nobody looks at the site afterwards, and nobody checks whether a plugin update supports your WooCommerce or PHP version first. When an auto-update white-screens a site at 2am, it stays broken until a human notices. Controlled weekly updates with checks afterwards catch that immediately.
What is wp-cron and why does it matter?
wp-cron is the scheduler WordPress uses for background jobs: publishing scheduled posts, sending WooCommerce emails, running backups. By default it only fires when someone visits the site, so on quiet sites scheduled jobs silently pile up or never run. We replace it with a real server cron job so scheduled tasks actually happen on time.
Do I still need maintenance if my host updates WordPress core?
Yes. Host auto-updates cover core only, and core is rarely the problem: plugins and themes are where the vulnerabilities and conflicts live. Hosts also do not test your checkout after updating, tune your database, monitor for abandoned plugins or take restorable off-server backups. Core updates are one task out of a dozen.