How often should a WordPress website be updated?+
Security updates for WordPress core and plugins should be applied as soon as they are available typically within days of release, after testing in a staging environment. Minor plugin updates with no security implications can be batched and applied weekly or monthly, depending on the maintenance plan tier. PHP version upgrades should be evaluated and applied within 3-6 months of major PHP version releases, after testing for compatibility with the specific plugin and theme stack. Leaving WordPress core, plugins, and themes unupdated for months creates the accumulated vulnerability surface that attackers target. Monthly update cycles are the minimum responsible approach; weekly or more frequent cycles are preferable for high-traffic or high-value websites.
What is a staging environment and why does it matter?+
A staging environment is a separate copy of the website with an identical database, theme, plugin stack, and content running on a server separate from the live website. Updates are applied to the staging environment first, tested to verify correct function, and only then deployed to the live website. This process protects the live website from the compatibility issues that occasionally arise when updates interact unexpectedly with the specific combination of plugins, themes, and code in a particular website's configuration. Many businesses manage updates directly on the live website a practice that is quicker but risks breaking the live website when a conflict occurs.
What happens if my website gets hacked?+
Under a Clickmasters maintenance plan, a security compromise triggers our incident response protocol: immediate notification, scope assessment, malicious code removal, vulnerability patching, and clean restore from backup where necessary. The response process is covered within the maintenance plan fee for compromises that occur within the normal scope of the maintained security configuration. For compromises on websites joining the maintenance plan after the fact where the compromise may have originated before the maintenance plan was in place we provide incident response as a separate engagement at a fixed rate. For businesses without a maintenance plan, security incident response is available as a standalone service at rates that typically significantly exceed what ongoing maintenance would have cost.
Do you maintain websites built by other agencies?+
Yes we regularly take over maintenance of websites built by other agencies or freelancers. Before beginning maintenance, we conduct a website health audit: reviewing the codebase and plugin stack, assessing the current security posture (existing vulnerabilities, outdated software versions), evaluating performance metrics, and documenting the baseline state of the website we are taking responsibility for. The audit identifies any immediate issues that should be addressed before the ongoing maintenance begins, and gives both us and the client a shared understanding of the website's starting condition. Health audit fees are typically credited against the first month of maintenance fees when the engagement proceeds.
What is included in the content update hours in your maintenance plans?+
Content update hours cover minor changes to existing pages: text edits, image replacements, PDF updates, adding or removing team member profiles, updating pricing or product descriptions, adding new testimonials or case studies to existing formats, and other changes that do not require new page development or significant design work. Changes that require new page creation, significant layout changes, or new functionality development are scoped and billed separately. We provide clear guidance at the point of each request about whether the work falls within the maintenance plan scope or requires a separate scope.
How are backups stored and can I access them?+
Backups are stored off-site on separate server infrastructure from the website being backed up, in a geographically distinct location. This means that a hosting server failure does not affect the backup availability. We use dedicated backup services (BlogVault, UpdraftPlus Premium, or WP Time Capsule depending on the hosting environment) that maintain a 30-day rolling backup history. Clients can request access to their backup archive at any time, and we provide backup files for any restoration point within the retention window on request.
What is your response time for urgent issues?+
Response times depend on the maintenance plan tier and the severity of the issue. For the Professional plan, standard issues are addressed within 4 business hours; urgent issues (website down, payment failure, security compromise) within 2 business hours during business hours. For the Enterprise plan, urgent issues are addressed within 1 hour at any time. For all plans, uptime monitoring alerts generate an immediate automated notification to our team with follow-up human review within 15 minutes during business hours.
Can I cancel my maintenance plan if I am not satisfied?+
All maintenance plans operate on monthly rolling terms there are no minimum contract periods or cancellation fees. We do not believe that quality maintenance services need to be contractually locked in. If you are not satisfied with the service, you can cancel with one month's notice. On cancellation, we provide a complete handover package: the most recent backup, documentation of the current site configuration, and a summary of the maintenance history so that whoever continues maintenance of your website has the information they need to do so effectively.
How do I get started?+
Contact us to discuss your website's current situation and requirements. We review the type of website, the platform, the current hosting environment, and the business criticality of the website and recommend the maintenance plan most appropriate for those requirements. For websites with known security or performance issues, we may recommend a one-time health audit and remediation before beginning the ongoing maintenance plan.