clickpuls
4 slots Q2/26

WORDPRESS MAINTENANCE · STANDARD PRODUCT · VIENNA

WordPress maintenance
as a fixed-price package — from € 140/month net.

Monthly updates, weekly cloud backups in two independent systems, Site Protect with virtual patching and continuous uptime monitoring — all in the Essential package from € 140/month net. The actual price depends on the size and complexity of the WordPress site.

Request a free consultationLearn more
Trusted by
Mercedes-Benz
BMW Deutschland
MINI Deutschland
Red Bull
IKEA
Allianz
A1
Sky
Electronic Arts
OBI

What WordPress maintenance at clickpuls means.

WordPress maintenance at clickpuls is a standard product with a clearly packaged scope and a transparent entry price — not a consulting retainer, no hour quotas.

The Essential package starts at € 140/month net (= € 1,680 net/year) and includes in the standard case:

  • Monthly updates for WordPress core, themes and plugins with compatibility check
  • Weekly cloud backups in two independent backup systems
  • Site Protect with virtual patching, IP blocking and attack monitoring
  • Continuous uptime monitoring with automatic responses
  • Response time of 2–24 hours on business days
  • Up to 5 hours of restoration work per year included

The actual price depends on the size and complexity of the WordPress site — the concrete classification happens in the onboarding audit (€ 590 net fixed price, non-refundable).

Unlike our management retainers (from € 1,700/month net), WordPress maintenance is productised: defined scope, clear entry price, no "consulting overhead". Suitable for sites meant to keep running — not be continuously developed further.

Why WordPress maintenance as a standard product.

Four traits that distinguish our maintenance product from "hosting plus update click" and from typical agency retainers.

01

Clear entry price instead of "on request"

Essential from € 140/month net — you know before the first call what standard maintenance costs and what is included. The actual price depends on the size and complexity of the WordPress site; the concrete classification happens in the onboarding audit and is disclosed transparently. No negotiation games, no hidden-cost surcharges.

02

Weekly backups in two independent systems

Weekly cloud backups run on two mutually independent backup systems — if one backup provider fails or a snapshot is corrupted, the second line is immediately available. Data processing in the EU as the technical prerequisite for GDPR-compliant operation. In an emergency we restore from the last clean backup — restoration work up to 5 hours per year is included in the Essential package.

03

Site Protect: virtual patching + attack monitoring

Known WordPress and plugin vulnerabilities are blocked via virtual patching at the web application firewall layer — even when the official plugin patch only ships later. Plus IP blocking of suspicious patterns, login brute-force protection, hardening measures (XML-RPC lockdown, 2FA for admin accounts) and continuous attack monitoring. We give no blanket "100 % secure" guarantee — no one can honestly do that — but we actively reduce the attack surface.

04

Continuous uptime monitoring

Your site’s availability is monitored at one-minute intervals — on outage, automated mechanisms react (cache reset, service restart in simple cases) and in parallel our operations team is alerted. Response to incidents within 2–24 hours on business days (with contract); without contract this typically takes 8 hours to 3 business days — significantly longer.

What’s included in the Essential package — and what costs extra.

Essential — from € 140/month net

The standard package — fits most WordPress sites of brochure or brand character, without a shop component and without an unusually complex plugin stack. Annual price on monthly billing: € 1,680 net.

Included in scope:

  • Updates: monthly updates for WordPress core, themes and plugins with compatibility check
  • Backups: weekly cloud backups in two independent backup systems
  • Site Protect: virtual patching against known vulnerabilities, IP blocking of suspicious patterns, hardening measures, continuous attack monitoring
  • Uptime monitoring: uptime checks at one-minute intervals with automatic responses
  • Response time: requests and incidents within 2–24 hours on business days
  • Restoration: up to 5 hours of restoration work per year included (for cases where something really breaks and a restore is required)

Without a contract — if you contact us ad hoc because something went wrong — response typically takes 8 hours to 3 business days and there is no agreed backup or security fallback. That’s exactly what the maintenance contract is for.

When a surcharge applies — and in what order of magnitude

The Essential package covers the typical WordPress brand site cleanly. Sites with higher care effort get an individual monthly surcharge, determined in the onboarding audit and disclosed transparently — before you sign, you know exactly what you’ll pay monthly.

Typical surcharge triggers:

  • WooCommerce shop component — update risk and tracking/tax topics are higher; sometimes better handled via our separate WooCommerce management
  • Multilingual setups via WPML or Polylang with large translation volume
  • Page-builder sites (Elementor, Bricks, Divi) with complex builder libraries
  • Multi-site WordPress networks
  • Very large sites (50+ pages, 25+ active plugins, custom plugins)
  • Lead-critical funnels with high tracking/conversion demands
  • Editorial cadence (daily new posts, editor team that actively needs support)

The actual surcharge depends strongly on the real setup — the onboarding audit is precisely there to deliver an honest figure, not an "up-to-€" marketing promise.

Onboarding audit (pre-check) — € 590 net fixed price

Before we start ongoing maintenance, we run a one-off audit of your site — € 590 net fixed price, non-refundable, one-to-two-week turnaround.

What we check:

  • Versions: current WordPress, theme and plugin versions
  • Backup status: do they exist? are they restorable?
  • Security configuration: open login endpoints, XML-RPC, file permissions
  • Hosting setup: PHP version, memory limit, cache stack
  • Code quality: theme code, plugin conflicts, potential risk indicators

Output — written status report with:

  • Recommendation — Essential or Essential plus surcharge in what amount
  • Preparatory steps before maintenance start (update catch-up, hosting migration, plugin clean-up), if needed
  • Risk assessment for the next 12 months

Only after the audit does ongoing maintenance start — we don’t maintain sites blindly.

What is explicitly out of maintenance scope

Maintenance should be plannable — anything that doesn’t fit the standard scope runs separately.

Specifically not included:

  • Major version updates (e.g. WordPress 6.x → 7.x, large plugin version jumps)
  • PHP upgrades at server level
  • Hosting migrations
  • Plugin replacement — complete swap of one plugin for an alternative
  • Theme redesigns or larger theme extensions
  • Custom code development and new landing pages
  • Editor training, content creation, translation management
  • WooCommerce shop care as an ongoing discipline — for which we have our WooCommerce management as its own service

For these topics you receive a separate fixed-price quote or a WordPress agency engagement. We separate this deliberately — maintenance with an "as-needed" character becomes unplannable and more expensive than a clear fixed price plus separate project packages.

Hosting, data residency and handover

We maintain your site where it runs — provided it’s a seriously operable host.

Standard recommendations — all with data processing in the EU (technical prerequisite for GDPR or FADP-compliant operation):

  • Hetzner Cloud or Dedicated in Frankfurt/Falkenstein
  • Fly.io Frankfurt
  • Raidboxes managed WordPress

On Hetzner and Fly.io we optionally take on the complete server admin: Nginx, PHP, Redis, MariaDB care, security updates of the server OS.

We deliberately don’t recommend maintenance on cheap shared hosts as a standard option, because performance, scaling and operations support regularly hit limits there. If the site lives there, we check during the onboarding audit whether a migration to a serious host makes sense — migration runs as a separate fixed-price package, not within the maintenance scope.

Contract model: monthly renewal, fairly cancellable. On contract end we hand over completely — hosting accesses in your name, backups as download, plugin licences, update history and status reports. No vendor lock-in.

WHEN DO YOU NEED THIS?

When does WordPress maintenance fit as a product?

Four typical situations where the Essential package (or Essential plus surcharge) is the right answer — and pointers for when you need our management retainer instead.

01 / TRIGGER

Brand site that just needs to keep running

You built (or had built) a WordPress site 1–3 years ago and just need it to keep running securely and up to date — no continuous further development. Exactly what Essential is made for.

02 / TRIGGER

In-house marketing without tech lead

Your marketing team maintains content themselves but has no one for updates, security or backup care. You want to outsource clear responsibility for that without buying consulting hours.

03 / TRIGGER

Preparation for an upcoming relaunch

A relaunch is coming in 6–12 months — until then the existing site should stay secure and stable, without you wanting to invest in larger maintenance expenses. Essential is the economical bridge solution.

04 / TRIGGER

Smaller multi-site management

You manage several WordPress sites (sub-brands, location sites, campaign sites) and want a clear maintenance contract with a published entry price for each, instead of one big, hard-to-allocate retainer.

Case studies

WordPress maintenance projects from our practice.

Preview image of the case study Cellectric Biosciences — Cellectric Biosciences – Website & SEO for a BioTech Startup
Cellectric BiosciencesBioTech / Life Sciences

Cellectric Biosciences – Website & SEO for a BioTech Startup

Fully responsive WordPress website with animated visuals for a Vienna-based BioTech startup – including real-time content updates and an SEO foundation for international visibility toward investors, funding bodies, and lead customers.

View case study
More clients

Clients who have trusted us for years.

  • bank99
  • OBI
  • Sky
  • Allianz
All case studies

Sounds like your project?

30–45 minutes for a first call — free and non-binding. We assess your use-case, estimate effort and risks, and give an honest recommendation — even if it means this is better built elsewhere.

Request a free consultation

WordPress maintenance or WordPress retainer?

An honest side-by-side of the two paths — maintenance as a standard product vs. hour-based retainer for sites with continuous further development.

Kriterium / Criterion
WordPress maintenance (standard product)
WordPress retainer (multiple package sizes)
Monthly price
Essential from € 140/month net (surcharge for WooCommerce/complex)
from € 1,700/month net (retainer entry)
Scope
Updates, backups, security, monitoring (fixed price)
Maintenance + theme adjustments + custom functions + advice
Editorial / functional development
Out of scope (separate fixed-price package or WordPress agency)
Included in the hour quota
Response time
2–24 h on business days (with contract); without contract 8 h – 3 business days
24 h on business days, faster SLAs by contract
Emergency restoration
Up to 5 h per year included, beyond that fixed-price effort
Billable from retainer quota
When each path fits
Site should run stably, hardly any further development
Continuous content expansion, new features, advice
OUR PROCESS

How WordPress maintenance with clickpuls runs.

Four steps from the onboarding audit to the monthly routine — transparent and plannable.

01

Onboarding audit (pre-check)

1–2 weeks, € 590 net fixed price (non-refundable). We check WordPress / plugin / theme versions, backup status, security configuration, hosting setup, theme code quality. Output: status report with price recommendation (Essential or Essential plus a concrete surcharge) and any preparatory steps.

02

Preparatory steps (if needed)

0–6 weeks, separate fixed-price package. Update catch-up for WordPress core and plugins, hosting migration to a seriously operable host (if the site lives on shared hosting that makes maintenance impossible), backup and security setup activated. Only then does ongoing maintenance begin.

03

Ongoing maintenance in fixed-price monthly model

Monthly updates (core, plugins, theme) with compatibility check, weekly backups in two independent systems, Site Protect with virtual patching, continuous uptime monitoring, incident response within 2–24 h on business days. Restoration work as needed (up to 5 h/year included in package).

04

Yearly review and adjustment

Once a year a written status review with recommendation whether the package still fits — and whether an agreed surcharge still matches the reality of the site. We actively recommend downward adjustments when scope isn’t used; no artificial commitment.

KEY FIGURES

Key figures of the Essential package.

Four key figures — the published entry price, the audit condition, the included restoration capacity and the response time.

Essential
from € 140/month net

€ 1,680 net/year. Monthly updates (core, themes, plugins), weekly cloud backups in two independent systems, Site Protect (virtual patching, IP blocking, attack monitoring), uptime monitoring. Surcharge for WooCommerce/complex sites determined individually after audit.

Onboarding audit
€ 590 net fixed price

Mandatory before ongoing maintenance starts, non-refundable. Audit of versions, backup/security/hosting status, theme code quality, plugin conflicts. Output: status report with price recommendation and any required preparatory steps.

Restoration
up to 5 h/year incl.

Restoration work (e.g. restore from backup after a compromised plugin, rollback after a problematic update) is included in Essential up to 5 hours per year. Effort beyond that is billed as a fixed-price package.

Response time
2–24 h on business days

With a maintenance contract we respond within 2–24 hours on business days to requests and incidents. Without a contract response typically takes 8 hours to 3 business days — the contract therefore gives you not only maintenance but also significantly more binding communication in an emergency.

Ready for a first call?

30–45 minutes by call, no commitment. Tell us briefly what you need — we get back within one business day with concrete next steps and a realistic effort estimate.

Request a free consultation
DACH CONTEXT

WordPress maintenance for AT, DE and CH.

Maintenance in DACH doesn’t just mean "click updates". It also means continuously catching up when legal or technical requirements change.

Concretely in practice:

  • Cookie-banner configurations updated when TTDSG (DE), DSG-CH or Austrian interpretations tighten
  • Consent Mode v2 defaults caught up when Google changes the requirements
  • Plugin conflicts between DACH-specific plugins (Germanized, German Market, Borlabs, Complianz, RankMath/Yoast) kept clean

We know this reality because we continuously maintain WordPress sites in all three DACH markets.

Hosting and data residency: hosting runs on Hetzner Frankfurt, Fly.io Frankfurt or Raidboxes — EU data processing as the technical prerequisite for GDPR or FADP-compliant operation. For Swiss sites we additionally watch for FADP-specific configurations (e.g. revised privacy notices, Swiss cookie-banner configuration).

Division of work: the legally binding GDPR/FADP assessment is done by your lawyers or data-protection officers; we own the technical implementation. Active ongoing care of GDPR configuration (Consent Mode adjustments on Google changes, cleanly integrating new tracking tools) is not included in the Essential package — if needed it runs as a separate fixed-price package or via a retainer.

FREQUENTLY ASKED

Frequently asked questions about WordPress maintenance.

What does WordPress maintenance at clickpuls cost?

WordPress maintenance starts at € 140/month net (= € 1,680 net per year) in the Essential package — the standard maintenance package for brochure-style WordPress sites.

The actual price depends on the size and complexity of the WordPress site. The concrete classification happens in the onboarding audit (€ 590 net fixed price, non-refundable) and is disclosed transparently before you sign.

The surcharge depends on the real setup — e.g. plugin stack, languages, editor effort and traffic class — and is disclosed concretely in the audit report.

What exactly is in the Essential package?

Included in the Essential package:

  • Monthly updates for WordPress core, themes and plugins with compatibility check
  • Weekly cloud backups in two independent backup systems
  • Site Protect: virtual patching against known vulnerabilities, IP blocking of suspicious patterns, hardening measures, continuous attack monitoring
  • Uptime monitoring at one-minute intervals with automatic responses
  • Response time: within 2–24 hours on business days
  • Restoration: up to 5 hours per year included — e.g. restore from backup after a compromised plugin, or rollback after a problematic update

Without a contract, response typically takes 8 hours to 3 business days — the contract gives you binding communication windows.

What is explicitly out of maintenance scope?

Not included in the Essential maintenance scope:

  • Major version updates (e.g. WordPress 6.x → 7.x, large plugin version jumps)
  • PHP upgrades at server level
  • Hosting migrations
  • Plugin replacement — complete swap of one plugin for an alternative
  • Theme redesigns or larger theme extensions
  • Custom code development and new landing pages
  • Editor training, content creation, translation management
  • WooCommerce shop care as an ongoing discipline — for which we have our WooCommerce management as its own service

For these topics there’s a separate fixed-price quote or a WordPress agency engagement. The separation is deliberate — so maintenance stays plannable.

What happens on a security incident?

On a security incident we follow a structured incident-response process with response within 2–24 hours on business days (Essential package).

Concrete steps:

  • Immediate isolation of the site — maintenance mode, possibly temporary off
  • Forensics — which file compromised? which entry path?
  • Recovery from a clean backup taken before the incident
  • Close the vulnerability — plugin update or virtual patch at WAF level
  • Post-mortem report with root cause, actions and recommendations

We give no blanket "100 % secure" guarantee — no one can honestly do that — but we actively reduce the attack surface with Site Protect (virtual patching, hardening, attack monitoring) and respond in a structured way.

We have a page builder (Elementor, Bricks, Divi). Does maintenance work with that?

Yes — maintenance also works with page-builder sites (Elementor, Bricks, Divi). In the onboarding audit we check the concrete stack and assess the update risk.

What’s different with page builders:

  • Higher update risk — more dependencies between builder, theme and plugins
  • Higher load — accordingly a surcharge on the Essential price often applies
  • Performance depends on hosting — with suitable PHP/memory limits, object cache via Redis and clean CDN setup, even Bricks or Elementor sites run fast

Very old page-builder sites (e.g. WPBakery / Visual Composer in Theme Forest themes) we occasionally decline if the risk profile is unmanageable — then we recommend a relaunch via our WordPress agency.

Do you maintain sites at All-Inkl, IONOS or World4You?

In principle yes, provided the site stays operable there — we maintain you where you are.

We deliberately don’t recommend these hosts for serious WordPress sites, because performance, scaling and operations support regularly hit limits there.

In the onboarding audit we check whether a migration makes sense — standard recommendations:

  • Hetzner Cloud or Dedicated (Frankfurt/Falkenstein)
  • Fly.io Frankfurt
  • Raidboxes managed WordPress

All three: EU data residency. We offer such a migration as a separate fixed-price package, not within the maintenance scope.

Do you also handle cookie banner and GDPR care?

Technical implementation yes, legal assessment no — we cleanly implement the technical prerequisites for GDPR-compliant operation; the legal assessment belongs in the hands of your lawyer or data-protection officer.

What we implement technically:

  • Consent Mode v2 correctly wired up
  • Cookie-banner plugin granularly configured (Borlabs, Complianz or similar)
  • Tracking pixels off by default until consent given
  • EU hosting for data residency

What is not included in the Essential package:

  • Active ongoing care of the configuration — e.g. when Google changes Consent Mode requirements or new tracking tools are added

Adjustments run separately as a fixed-price package or via a retainer.

What we deliberately don’t deliver: the legally binding assessment (which categories, how to log consent audit-proof, whether third-country transfers are sufficiently documented). That belongs to lawyer/DPO. We deliver technical templates, not legal opinions. The same applies analogously to FADP (Switzerland).

What happens at end of contract?

Full handover without vendor lock-in.

You receive:

  • All hosting accesses in your name
  • Backups as download or directly to a successor provider
  • Plugin licences (bought via us) transferred to your name
  • Update history and all status reports
  • Documented restore procedure
  • Onboarding documentation for the next agency

We don’t force anyone to stay.

Related services.

All services
WEB & SOFTWARE

WordPress agency

WEB & SOFTWARE

Web development

E-COMMERCE · WOOCOMMERCE

WooCommerce management

E-COMMERCE · PLATFORM-AGNOSTIC

Online-shop management

Sounds like a match?

Request a free consultation
Get in touch