WordPress Security Audit

Is your website secure? Find out before someone with bad intentions does.

Why do you need a security audit?

90% of WordPress websites have vulnerabilities they don't know about. Bots scan millions of websites every day automatically. You don't need to be a big target to get attacked.

Choose your audit level

Two options depending on what you need. Start with the free one and, if you want to go further, we move on to the full audit.

Gratuita

External audit

I analyse your website from the outside, just like an attacker would. Without installing anything or accessing your admin panel.

  • XML-RPC and attack vectors
  • User enumeration
  • HTTP security headers
  • Exposed files and directories
  • SSL/TLS certificate
  • WordPress fingerprint
  • Email report within 24-48h
Solicitar gratis
Completa

Internal audit

With access to the WordPress admin panel, I review the actual configuration, plugins, permissions, database and everything that can't be seen from the outside.

  • Everything from the external audit
  • Plugins and themes: versions, vulnerabilities, abandoned
  • Users, roles and weak passwords
  • wp-config.php configuration and security keys
  • File and directory permissions
  • Database status and optimization
  • Informe profesional en PDF con puntuación
Solicitar presupuesto View sample report (PDF)

Request your free external audit

Leave me your website URL and I'll send you the report within 24-48h. No commitment, no cost.

It's that simple

1. Give me the URL

For the external audit I only need your website address. For the internal one, I also need temporary access to the admin panel.

2. I analyse your website

I run the security checks corresponding to the chosen level, simulating what a real attacker would do.

3. You get the report

Within 24-48h you receive the report with the findings, score and recommendations to fix them.

Frequently asked questions

What is the difference between the external and the internal audit?

The external audit analyses your website from the outside, like an attacker would: without installing anything or accessing the admin panel. It detects what is publicly visible. The internal audit goes much further: with access to the WordPress admin panel, I review plugins, configuration, permissions, database and everything that can't be seen from the outside.

Is the external audit really free?

Yes, no fine print. I send you a report with your website's external findings at no cost. If you then want a deeper review or the problems fixed, we talk.

Do I need to install anything on my website?

Para la auditoría externa, no. Para la interna, necesito acceso temporal al panel de WordPress (usuario administrador). No instalo nada permanente.

How long until I receive the report?

Entre 24 y 48 horas laborables. El análisis automatizado es rápido, pero yo reviso personalmente cada informe antes de enviártelo.

What if serious problems are found?

I explain exactly what was found and what risk it poses. If you want me to fix it, I'll give you a quote. If you prefer to do it yourself or with your developer, the report has all the information you need.

Can the audit affect my website's performance?

No. The checks are passive and non-intrusive. Your website continues to work normally throughout the process.

What are you waiting for?

Start with the free external audit. If you need more, we move on to the internal one.

Solicitar auditoría gratuita

Want ongoing protection? View maintenance plans →

Does your website comply with the Accessibility Act? Accessibility Audit →