Protect your WordPress website

WordPress security by WordPress experts

Take the guesswork out of keeping your investment safe

What's Included?


We run regular scans against databases from the world leaders in malware protection including Sucuri and Wordfence to ensure that no known malware is lurking on your web server.


If we find any malware, we clean it as soon as it is uncovered, either in our initial scan or a subsequent one, and fix the vulnerability. This ensures the impact to your brand image and SEO is minimised


Our Web Shield service incorporates industry-leading web application firewalls and Wordpress hardening techniques to turn your website into Fort Knox and protect you from malware.

Keep malware and hackers out!



What can malware do to your website?

Malware can do a lot of different things, some of the most common are:

Payment Theft

In this scenario, it commonly manifests with payment details on your e-commerce site being replaced with someone elses. Usually malware is left behind that checks to see if you have changed the payment details back to your own. If you have, it changes them again when you aren’t looking.

This can result in customer payments going to someone else, bad publicity, erosion of brand trust and loss of sales. It also has the potential to cost you products if you ship without realising that the payment hasn’t gone to you.


Typically this kind of malware aims to hide itself so you don’t notice it. It takes advantage of the fact that you as the site owner don’t spend very long on pages on your website. So after a delay it shows ads to users still on the website. Sometimes they appear at the bottom of the site, sometimes it is an ad overlay, however the most common is a redirect that sends users to another page full of advertising that may also include other scams. We have also seen this manifest with websites deleted, replaced with ads.


A website can become part of a botnet when it has been compromised. It can then be used to perform functions as part of a large network of hacked websites and computers. It could be used to send out millions of spam emails in your name, or to attack another website, just to name a couple of possible uses.

Reputation Damage

There are so many different kinds of malware, but at the end of the day, they all damage your business reputation. Search engines have begun tracking infected websites and lowering them in search results. Web browsers have begun warning users when they try to go to an infected website, and some make it extremely difficult to get to that website in any way at all. Then of course there are the data breach reporting rules in Australia and the negative perception that malware can create towards your business.


Most malware aims to be inconspicuous so that you don’t notice what it’s doing. Ransomware though actively locks you out of your website until you meet the demands of the hacker. Besides locking you out, it may also block your website to your customers.


Your website may appear completely normal, but another hidden page is setup with the intention of scamming users. It could be a fake bank login or government site. It could be a fake login for another business, or a fake payment page. Typically these kinds of malware pretend to be something legitimate in order to illegally obtain users login details. Those login details are then used to access their accounts, potentially stealing money, identities, or anything else that can be easily targeted.

You are paying for their scam traffic with your hosting account and your brand is becoming associated with the scam. Watch out.

Unauthorised Users

In this scenario, unauthorised users are created with administrator privileges, giving them the power to make any changes they like on your WordPress website. This can enable them to do anything from defacing your website to skimming customer information.


Our Guarantee

If your website is hacked or infected with malware, ransomware or any other malicious code after we have secured it, we guarantee to clean and restore your website for as long as you maintain an active TerraMedia Web Shield subscription. If we can’t, we’ll build you a new one at no cost!

Subscribe Now


Small websites.
Less than 1gb in total size.
Approx. 50-100 pages and posts.




Medium websites.
Less than 3gb in total size.
Approx. 100-300 pages and posts.




Large websites.
Less than 6gb in total size.
Approx. 300-500 pages and posts.




Massive websites.
Unlimited website size.
Unlimited pages and posts.



Prices listed are in Australian dollars and include GST for Australian residents.

~90,000 Australian websites are infected with malware each month*

Will yours be one of them?

Frequently Asked Questions

Can this service completely stop all attacks on my website?

No. Our Web Shield service is intended to improve the security of your WordPress installation and protect it from many common attacks. However, it cannot prevent every possible attack and so this service includes backups and website first-aid to recover your website in the event of an attack. The best prevention of all forms of attack is diligence and good practice. This service provides both of those things to your WordPress website and makes it as hard as possible for unwanted intruders to get in.

Is this service available on any hosting environment?

Our service has been designed with cPanel servers running Apache in mind. This incorporates the vast majority of web hosting providers. While our service is available to any WordPress website, and should be compatible with any WordPress compatible platform, it’s not possible to say for certain that it will work on any hosting environment.

Can I take advantage of this service on a new or existing WordPress website?

Yes, this service is available for both new and existing WordPress websites. There are some security implementations that could break existing websites. In those instances we assess the scenario and work around any possible breakages to ensure you obtain maximum security without breaking your website. Please note though that it is possible your website may experience a short period of downtime while it is secured.

Could this service break my website?

Absolutely. However, part of our job is to ensure your website is backed up and recoverable at all times. That means that if some part of our service breaks your site, we’ll recover from a backup and have your site back online as fast as possible.

What happens if my website gets hacked while I'm subscribed to this service?

Typically, our monitoring picks up hacks and malware quite fast. If, however, you notice the hack before us. Let us know, and we will be straight into performing first-aid for your website. We will recover your site from a recent backup and secure the vulnerability.

How much backup space is included?

Technically, it is unlimited, but it can only be used for your website files and database.

What happens if I don't renew my subscription?

Your website backups will cease and some of the website hardening measures will no longer function. Some of the measures put into place will remain. You will also no longer be eligible for any malware cleaning while your subscription is inactive.

What information do you require for this service?

We will need your login credentials for your web host control panel and for an administrator account on your WordPress installation. These details are stored in an encrypted location and used solely for the purpose of your Web Shield subscription.

What if I'm not happy with this service?

We think you will be delighted, but if for some reason you aren’t, you can cancel at any time and we will give you a pro rata refund for any unused portion of your subscription.

What’s the difference between this service and a plug-in like Wordfence or iThemes Security?

A plug-in like Wordfence or iThemes Security does a great job of hardening your WordPress website against hackers and malware. There are also plugins that back up your site for you. Our service does both of those things for you with a completely white glove experience. In other words, we do it all for you using more security approaches than a single plug-in can offer. Then we actively monitor your site for malware, and in the event of a hack or infection, we guarantee to clean and recover your website for you. In other words, we do it all for you from securing your site to backing it up and recovering it if there is an attack.

Is the unlimited plan really unlimited?

Yes, however please be aware that protection, backup, and recovery only applies to one WordPress website even if there are multiple sites on the server. It also only applies to files associated with your WordPress website. Other files stored on your server are not included.

What happens after I subscribe?

First, we’ll get in touch with you to organise access to your server and website. We will also clarify any particular needs you have that could be affected by increased website security. Then we will get underway in securing and backing up your site as well as cleaning if applicable.

My website already has malware, can you help?

Absolutely. When you subscribe, we will assess the malware and clean it. We can’t guarantee that we can completely recover your website as there won’t be a backup history, but we will do everything possible to get you up and running again and protected. Depending on the state of the website, there may be extra costs involved but we will let you know about these if necessary.

More Questions?

© TerraMedia. All rights reserved.