How I Started To Sell WordPress Care Plans To My Clients?

This blog post is written about Sander’s experience and how he started to sell WordPress care plans with the help of Patchstack.

Hey there! Sander here – you might recognize me from the Patchstack support channel.

In this article, I’ll share a bit about how I started using Patchstack, and how I am building my little side hustle using Patchstack to sell WordPress care plans. I’ll also include little tips & tricks on how you could do it, too!

I have been a customer of Patchstack since 2018 when the product first launched. Because I had been developing WordPress websites for a few years, I saw Patchstack as an excellent tool for protecting my clients’ websites.

I’d had several occasions where the sites got mysteriously hacked – once, I even needed to clean up one server where hackers had uploaded an online bank phishing page. The server had a text file with over twenty people’s credit card numbers. Yikes!

How I first started to sell WordPress care plans using Patchstack

Selling website protection to my clients was initially difficult because people usually have no idea how big of a target their website is. The most common answer I got after the initial sales pitch was: “But who would want to hack my website? I run a small business; what do the hackers get out of it? I have nothing valuable to hide”.

Most of the sales I did manage to make were to people whose sites had already been hacked – i.e. people who already understood the risk.

I’m not a good salesman, but I eventually convinced some clients that security is essential. I even sold a few very basic security plans, but I also agreed to do all the version updates themselves. This, however, was not a complete solution because these website owners didn’t actively do the needed updates, and I still ended up doing it for them from time to time.

Building the sales pitch to sell WordPress care plans

I started working for Patchstack in 2022 and during my time here I got to learn more about different security topics. It was actually this experience that inspired me to start this little side-project – my very own website care plan service.

Selling care plans becomes much easier once you understand the potential risks in the WordPress ecosystem because you’ll be able to explain these risks to your customers so they are easy to understand.

Here are some steps I go through to get my customers on care plans:

Step 1: Have clear arguments about why security is important

These are the arguments I use to support the idea of why site owners need a care plan:

• Your site doesn’t have to be popular to be targeted by attackers – WordPress itself is popular, which makes the platform a target. It is used on over 40% of websites today, and hacker bots target all WordPress installations equally. Thousands of attacks can be carried out with just one click.
• The more plugins your WordPress site uses, the greater the likelihood of having a vulnerable plugin in there that could be exploited.
• The most successful hackers hide signs that a site is hacked, so no one even knows there’s a problem. A hacked website may keep doing damage in the background – silently. Day to day it may leak data, damage SEO, maintain phishing sites, etc.
• WordPress plugins and themes get constant security patches from their developers. If these components are not updated regularly (and quickly), then the security bugs may be exploited, making your website a threat to both your business and your visitors.

If you want to learn more about WordPress security you can read our 2022 security whitepaper – it should give you a better understanding of what is (or isn’t) a threat, which in turn will help you explain them better to potential clients.

Step 2: Figure out what you offer in your care plans

Security is not just about turning on a firewall and calling it a day. Aside from protection, a care plan should provide additional layers of security and service.

What I went with – and that is also what most such service providers offer – is this:

• Monthly updates for themes, plugins, and WordPress core version
• Firewall protection and hardening rules
• Monthly PDF reports about the state of their site’s security
• Monthly backups
• 1-2 hours of development time or content management per month

Depending on where your clients live, you can charge approximately $100-$200 per month per client – though the actual price will also depend on any additional services you may want to offer.

Step 3: Educate your current customers

Whether you prefer cold calling or emailing, it is vital to discuss security openly. You can use the arguments from Step 1 to tell them why keeping their sites up-to-date and secure is essential.

Before making a pitch, you can also install Patchstack on a client’s website to monitor its current situation. The free Patchstack plan shows you how many of the site’s components are vulnerable to exploits. These are potentially dangerous and need updating as soon as possible. You can use that information to illustrate the potential risks with actual, relatable examples to a potential client.

You can sign up to try it out and check the vulnerable components. We also have complete instructions for signing up and connecting the plugin here.

Step 4: Do basic marketing

To onboard more customers, it is crucial to market your service well. Here are some steps you can take to keep your marketing funnel active:

• Have a website where that clearly communicates your care plan offer
• Make sure the SEO is done well; you can also publish blog articles about different security topics to stand out from the crowd. Find ways to write creatively.
• Join different Facebook groups related to WordPress and web development topics – for example, The Admin Bar Community. We also have a Patchstack WordPress Security community where you can ask even more advanced security-related questions. You can help people out and make excellent connections in such groups.
• Some hosting providers are looking for partnerships with agencies and freelancers who offer care plans. Remember that it’s also beneficial for them to keep the hosted environments secure.

Do you want to sell WordPress care plans?

I hope my story has inspired you to take the first steps toward selling WordPress care plans. If you have any questions about setting up your care plans, about using Patchstack, or about security in general, you can always find me in the support chat box on our home page – so hope to see you there!