Patchstack user since: September 2023
Getting hacked isn’t pleasant in any scenario, but it’s never as critical as when you manage WordPress websites for clients. When Morten Ellegard, the owner of ellegaard ID, a web development and maintenance company, realized that a site in his portfolio was hacked, he started looking for solutions.
Today, he has a fully structured care stack to keep his clients’ websites safe and performing optimally.
What caused the hack?
The hack that prompted Morten to look for a solution was a one-day vulnerability exploit. As is the case with one-days, the website was attacked on the same day the vulnerability was discovered.
In cybersecurity, one-day and zero-day vulnerabilities are among the most dangerous. Because developers don’t have enough time to react by issuing a security fix, a virtual patch is the only solution that can reduce the time your websites are exposed.
This is where Patchstack came in handy for Morten.
Why did Morten choose Patchstack?
With plugins and themes responsible for 97% of all security bugs in the WordPress ecosystem, they’re the most common vectors used in attacks.
After the attack, Morten started looking for preventive solutions.
Other tools he’d considered were good at protecting their specific security areas (for example, server or network), but Patchstack was the only one specializing in the most vulnerable layer: the WordPress application layer.
In Morten’s words:
“Your system with the virtual patch was an extra feature that I really liked.”
Patchstack slotted into Morten’s security stack perfectly, offering protection against vulnerabilities that developers haven’t fixed yet.
At a price point of $1.98/site/month (if using the Developer plan for up to 50 sites), Patchstack’s protection is affordable and robust.
“If there's a major update to critical plugins like WooCommerce, I test it in a staging area first.”
In cases where you want to test the update first, Patchstack gives you time to update at your convenience. The vPatching protects you in the meantime.
How does Patchstack provide protection?
Patchstack forms a security layer around your website whenever there is a vulnerability in one of your plugins. It doesn’t alter the code but serves highly-targeted security rules (vPatches).
When an attacker attempts to exploit that specific vulnerability, Patchstack stops them in their tracks.
The vPatching function is fueled by the world’s leading WordPress vulnerability database.
Patchstack became the #1 CNA (vulnerability processor) in the world in 2023, having a community of security researchers and ethical hackers who actively look for vulnerabilities that attackers might exploit in the dark.
Plus, Patchstack runs a Managed Vulnerability Disclosure Program for plugin developers to assist in disclosing and fixing vulnerabilities in time. Clients include Elementor, Visual Composer, WP Rocket, and more.
Protection from outdated and abandoned plugins
When clients first approach Morten, they often arrive with outdated setups including abandoned plugins (i.e., developers no longer issue updates and vulnerabilities will never be fixed).
Since outdated and abandoned plugins pose a significant security risk, Morten uses Patchstack to keep the sites safe as he finds new plugins with the same functionality.
How to manage cybersecurity as part of website maintenance
Now that Patchstack is a part of Morten’s maintenance tool stack, there are fewer vulnerabilities to worry about.
He has a weekly process where he checks for updates, does a full backup, and then applies updates to plugins and themes.
And since Patchstack reports on the number of vulnerabilities mitigated and threats blocked, it’s easy for him to review the current threat landscape.
Plus, Morten keeps an eye out for any WordPress world updates that could help his clients grow their revenue.
After all, care plans are exactly what it says on the tin: caring about your clients’ businesses as if they were your own.
Give your clients the world’s fastest vulnerability protection. Explore Patchstack or book a demo.
