Billing Portal
WordPress & Astro Services

Everything your site needs. Nothing left unsecured.

WordPress or Astro. LiteSpeed or Cloudflare Pages. Every service we offer is built around the same principle: your site should be fast, secure, and actively looked after.

Start a Project
Get an Audit

Next-Gen Builds

Not every site needs WordPress.

We build in two stacks. Both ship with Cloudflare security configured from day one.

Pure Astro

Static-fast. Zero attack surface.

No PHP runtime to exploit, no admin endpoints to brute-force, no plugin ecosystem to compromise. Deployed to Cloudflare Pages with WAF rules and DDoS protection from day one.

  • Zero-JS by default — only ship what you need
  • Cloudflare Pages global edge CDN
  • No database, no server, no plugin vulnerabilities
  • Core Web Vitals optimised out of the box

Best for

Brochure sites, landing pages, and portfolios where speed and security matter more than a client-managed CMS.

Headless WordPress + Astro

CMS your team knows. Performance they won't expect.

Your content stays in WordPress. Your site runs as a static Astro build on Cloudflare's edge. The editorial workflow your team already knows, without the attack surface they don't need.

  • WordPress as headless CMS via REST API or WPGraphQL
  • Static Astro front-end on Cloudflare Pages
  • WordPress admin isolated from the public site
  • Incremental builds on content publish

Best for

Teams that need a client-facing CMS, content-heavy sites, or businesses already invested in a WordPress workflow.

Explore Astro Builds
Custom Development

Bespoke WordPress Solutions

Designed for your business. Engineered for longevity.

Every WordPress build we create is handcrafted for your business — blending modern UX, technical scalability, and robust security from the ground up.

What's included

  • Custom WordPress theme architecture built in Elementor Pro
  • Core SEO and on-page optimization best practices
  • Performance-first coding standards (LiteSpeed, Cloudflare, clean assets)
  • Security-hardened setup with WAF and Imunify360 integration
  • Optional automations (n8n workflows, dynamic data flows, API integrations)

Perfect for

  • Businesses needing a new or redesigned WordPress site
  • Those ready to scale beyond DIY or template builds
  • Brands that value speed, clarity, and technical stability

Deliverable

A future-proof WordPress website — designed, secured, and performance-tuned for your exact needs.

Start Your Build
Managed Services

WordPress Maintenance Plans & Bundles

Stay fast. Stay secure. Stay online.

Websites aren't "set and forget." Our managed maintenance bundles keep your WordPress environment healthy, protected, and continuously optimized.

Included in all plans

  • 24/7 uptime and security monitoring
  • Weekly plugin, theme, and core updates
  • Daily offsite backups (Wasabi cloud)
  • Malware and vulnerability scanning
  • LiteSpeed cache and database optimization
  • Cloudflare configuration and WAF rule tuning

Upgrade bundles add

  • Priority support & troubleshooting
  • Staging environments for safe updates
  • Performance profiling & reporting
  • Monthly security audit reports

Deliverable

Continuous peace of mind — your website, monitored, updated, and performing at peak efficiency.

Compare Plans
Pricing Plans

Choose Your Protection Level

All plans include core WordPress maintenance. Select the level of monitoring and support that matches your needs.

Swipe to compare plans

Recommended

Professional

$150/month
Get Started

WordPress Updates

(Core, Theme, Plugins)

WEEKLY

Offsite Backups

WEEKLY

Security & Malware Monitoring

DAILY

Uptime Monitoring

EVERY 15mins

Vulnerability Monitoring & Updates

WEEKLY

Performance Monitoring & Optimisation

Manual Review After Updates

Outage & Hacked Site Support

Domain Monitoring

SSL Monitoring

Care Plan Reports

Additional Support Time

30mins included

Discounted Hourly Rate

Patchstack Protection

INCLUDED

All plans include LiteSpeed cache optimization, Cloudflare integration, and Imunify360 security.

Patchstack

Patchstack protects your WordPress site from the constant wave of plugin and theme vulnerabilities that hackers love to exploit. It works quietly in the background — monitoring your site in real time, blocking known threats, and applying virtual patches long before a developer releases an official fix. With WordPress powering over 40% of the web, new vulnerabilities appear almost daily, and one outdated plugin can be all it takes for a site to be compromised. Patchstack keeps your website secure, your customer data safe, and your business reputation intact — without you lifting a finger. It's proactive protection that saves you from costly downtime and cleanup later.
Required for Non-Shadowtek Sites

WordPress Health Check & Audit

Before we can maintain a website not built by us, we conduct a thorough health check to identify security risks, performance issues, and technical debt.

$375
One-time fee
Comprehensive audit included

What's Included in the Audit

Comprehensive security audit
Performance analysis and optimization
Database health and cleanup
Vulnerability assessment
Code quality review
Plugin and theme compatibility check
Risk identification and mitigation plan
Security hardening recommendations

Important: This comprehensive audit is mandatory for all websites not originally built by Shadowtek before we can begin any maintenance plan. You'll receive a detailed report with actionable recommendations.

Get Started
Emergency & Scheduled Remediation

Malware Cleanup Service

Site been hacked or flagged? We'll identify, remove, and harden — whether you're an existing client or need emergency help.

Maintenance Plan Clients

Covered by Your Plan

Professional and Executive plan clients receive malware cleanup as part of their active maintenance agreement.

Executive Plan

Full cleanup included — priority response within 1 hour

Professional Plan

Full cleanup included — priority response within 2 hours

Essential Plan

Discounted rate — $150 per incident with 4-hour response

Cleanup for Professional and Executive plans covers infections not caused by client negligence (e.g., rogue plugins). See our Hosting & Security Policy for details.

New & Non-Plan Clients

Emergency Cleanup

Not on a maintenance plan? We can still help. Our emergency malware cleanup service is available to anyone with a compromised WordPress site.

$450
Starting from
Based on severity
Standard Cleanup$450

Single infection point, no major file damage

Advanced Cleanup$750

Multiple backdoors, database compromise, or reinfection

Critical Recovery$1,000+

Full site compromise, data exfiltration, or blacklisting

Response time is best-effort for non-plan clients.

What's Included in Every Cleanup

Full malware scan and identification
Complete removal of malicious code and backdoors
Database cleanup and integrity check
Security hardening post-cleanup
WordPress core file verification and restoration
Detailed incident report with root cause analysis

Post-Cleanup Protection: After every cleanup, we provide 30 days of monitoring to ensure the infection doesn't return. We also recommend a maintenance plan to prevent future incidents.

Get Emergency Help

Infrastructure Security

Cloudflare & Security

Cloudflare is standard on every site we touch — not an upsell. WAF rules, DDoS mitigation, and server hardening are part of the build, not an afterthought.

Cloudflare WAF

Web Application Firewall

Custom WAF rulesets configured for your stack. Blocks common exploits, injection attacks, and bad bots before they reach your server.

DDoS Protection

Always-On Mitigation

Cloudflare's global network absorbs volumetric attacks automatically. No manual intervention. No downtime under pressure.

Server Hardening

Imunify360 + WordPress Lock-Down

File permission hardening, login protection, XML-RPC lockdown, Imunify360 real-time scanning, and proactive patch management.

Security Audits

WordPress Health Check

Full site audit covering plugin vulnerabilities, file integrity, access logs, and hosting configuration. Required for all non-Shadowtek sites we take on.

Incident Response

Malware Removal

If your site is compromised, we clean it, harden it, and set up monitoring to catch recurrence. Maintenance plan clients get this covered.

Astro Security

Zero Attack Surface

Astro sites ship no PHP runtime, no admin endpoints, no plugin ecosystem. Combined with Cloudflare Pages + WAF, the attack surface is near zero.

Infrastructure

Managed Hosting Plans

Fast, secure, and fully managed NVMe hosting — built for WordPress performance.

Business Hosting

Ideal for small business websites and blogs — powered by NVMe + LiteSpeed for speed and reliability.

$20/mostandalone
$10/moif bundled with maintenance
  • NVMe storage + LiteSpeed server
  • cPanel access
  • Daily backups
  • Imunify360 malware protection
  • Email hosting included
Call to get started

Business Plus Hosting

For growing sites and small eCommerce — higher resources, Redis caching, and priority performance.

$40/mostandalone
$20/moif bundled with maintenance
  • Enhanced CPU/RAM allocation
  • Redis object caching
  • NVMe storage + LiteSpeed
  • Imunify360 + cPanel
  • Daily backups & uptime monitoring
Call to get started

Elastic Scalable Hosting

Purpose-built for resource-intensive or mission-critical applications. Powered by xcloud and KloudBean with dynamic resource scaling and full managed support.

$Custom/mostandalone
Contact us for bundled pricing
  • Application-specific, managed by KloudBean
  • Elastic scaling (CPU, RAM, storage)
  • NVMe + Redis + LiteSpeed stack
  • 24/7 performance and uptime monitoring
  • Ideal for SaaS, high-traffic, or mission-critical deployments
Call to get started

All hosting plans are fully managed in-house by our expert team — this is not your "cheap" shared hosting. LiteSpeed and Imunify360 security are included on all plans, with CloudLinux used exclusively for our cPanel-based hosting plans.

Optional bundled WordPress Care Plans are available at a discounted rate.
Extras

Optional Add-Ons

Available to existing clients only

Cloudflare enterprise-level configuration
n8n workflow automations
Custom security and firewall tuning
Website performance deep-audits
Migration and cleanup services
AI agents and intelligent automation
Voice agents and conversational AI
Discuss your needs
Hourly Rates

General Hourly Rate Structure

Flexible hourly billing for ongoing support, maintenance tasks, and custom development work beyond your plan inclusions.

Standard Rate

$180/hour

Includes

  • WordPress updates and patches
  • Plugin configuration and troubleshooting
  • Content updates and modifications
  • Performance optimization
  • Security hardening tasks
  • General maintenance work
  • Email and DNS support

Perfect for routine maintenance tasks, updates, and general support work that falls outside your plan's included time.

Complex Development

$360/hour

Includes

  • Custom plugin development
  • Advanced API integrations
  • Custom WordPress functionality
  • Complex database work
  • Third-party system integrations
  • Custom automation workflows
  • Advanced troubleshooting

For specialized development work requiring custom coding, complex integrations, and advanced technical expertise.

After-Hours & Emergency Rates

Work requested outside standard business hours (9 AM – 5 PM AEST, Monday–Friday) or requiring emergency response may attract a 2x rate multiplier. This applies to both Standard and Complex Development rates. Executive plan clients receive after-hours support as part of their plan.

Billing & Time Tracking

All hourly work is tracked in 15-minute increments and billed monthly. Work is pre-approved and quoted before starting. Clients with active maintenance plans receive priority scheduling and discounted rates on all hourly work.

Not-For-Profit Organisation Discounts

We support registered not-for-profit organisations and charities with discounted rates on our services. If your organisation holds valid not-for-profit or charity registration, please contact us to discuss custom pricing that fits your budget while delivering the same enterprise-grade security and performance.
FAQ

Services FAQ

Common questions about Shadowtek's WordPress maintenance, hosting, and development services.

What's included in a Shadowtek WordPress maintenance plan?
All maintenance plans include regular WordPress core, plugin, and theme updates; daily offsite backups to Wasabi cloud storage; 24/7 security and uptime monitoring; malware scanning; LiteSpeed cache optimisation; and Cloudflare WAF configuration. Higher-tier plans include daily updates, real-time monitoring, and included monthly support hours.
What does the included support time cover?
Included support time covers content updates and text changes, image swaps, minor layout adjustments, WordPress troubleshooting, plugin configuration within your site, and embedding third-party tools into your site. It does not cover support inside third-party platforms (MailerLite, ThriveCart, etc.), new pages or structural changes, general IT support, or anything requiring design input. Time is tracked in 15-minute increments. Unused time does not roll over. Work beyond your included time is billed at our standard rate.
Do I need a Health Check before starting a maintenance plan?
If your website wasn't built by Shadowtek, yes. A WordPress Health Check ($375 one-time) is required before we can maintain it. This audit covers security vulnerabilities, performance issues, plugin conflicts, database health, and code quality — so we know exactly what we're taking on before we commit to ongoing support.
What are the differences between the Essential, Professional, and Executive plans?
Essential ($70/month) covers monthly updates, monthly offsite backups, weekly security monitoring, and 30-minute uptime checks. Professional ($150/month) upgrades to weekly updates, weekly backups, daily monitoring, and includes 30 minutes of support per month. Executive ($230/month) provides daily updates, daily backups, real-time monitoring, 2-minute uptime checks, care plan reports, and 60 minutes of support per month.
Can I bundle hosting with a maintenance plan?
Yes, and we recommend it. When you bundle Shadowtek hosting with a maintenance plan, you get 50% off the hosting cost. Business Hosting drops from $20/month to $10/month, and Business Plus drops from $40/month to $20/month.
What happens if my site gets hacked?
Active maintenance plan clients receive hacked site support as part of their plan — this includes malware scanning, removal, database cleanup, core file restoration, and security hardening. For non-clients, we offer emergency malware cleanup as a standalone service, including a full incident report and root cause analysis.
What is the hourly rate for additional work?
The standard hourly rate is $180/hour for general development and support work. Active maintenance plan clients receive a discounted rate of $150/hour for any work beyond their plan inclusions.
Do you offer custom WordPress development for new websites?
Yes. Our Bespoke WordPress Development service builds custom websites from the ground up using Elementor Pro, with performance-first coding (LiteSpeed, Cloudflare CDN), security hardening (Imunify360, WAF rules), and optional automation workflows via n8n. Every build is designed for your specific business requirements.
What hosting infrastructure do you use?
All Shadowtek hosting plans run on NVMe SSD storage with LiteSpeed web servers for maximum performance. Business Plus and higher tiers include Redis object caching. All plans include Imunify360 malware protection and cPanel access. For high-traffic or mission-critical deployments, we offer elastic managed hosting via KloudBean with dynamic resource scaling.

Ready to Get Started?

Whether you need a new WordPress build or ongoing protection, we'll tailor a solution to fit your system, your goals, and your uptime requirements.