WordPress hosting, maintenance, support and updates
Competitively priced UK hosting service for WordPress Applications.
Our friendly and helpful UK-based WordPress team manage Core and Plugin updates, as well as a backlog of CMS development requests.
Our service includes WordPress hosting, WordPress site maintenance, responsive SLA, resilient infrastructure, firewalls, security, monitoring, online helpdesk and WordPress issue tracking.
Features
- WordPress Hosting for Small, Medium and Large instances
- WordPress CMS & Server Maintenance
- Reliable & Flexible WordPress Support
- DDOS Protection Security & Firewalls
- WordPress disaster recovery policy
- Proactive Monitoring
- Implementation plan
- WordPress responsive Service Level Agreement (SLA)
- WordPress application and data daily back-ups
Benefits
- Easy backlog management for non-technical customers
- 24/7 Monitoring
- Flexible additional support hours available
- Permanent UK based WordPress team
- Cyber Essentials, GDPR compliance, PlanetMark, Living Wage Employer
- Social Value driven service - Social, Environmental & Financial
- Customer Onboarding and Offboarding
- Resilient infrastructure from major suppliers
- Regular reporting
- Compatibility with GovPress type WordPress instances
Pricing
£100.00 to £500.00 an instance a month
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
5 7 7 8 9 2 9 5 8 8 7 2 0 2 1
Contact
VU online Limited
Stuart Johnston
Telephone: 01803 866430
Email: info@vuonline.co.uk
Service scope
- Service constraints
-
EC2 Instance: Default Limit: 20 per region
EBS Volume: Default Limit: 5,000 volumes or an aggregate size of 20 TiBElastic IP: Default Limit: 5 per region
Elastic Load Balancer: Default Limit: 10
High I/O Instance: Default Limit: 2
Virtual Private Cloud: Default Limit: 5 - System requirements
- Internet access
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
1. Total system loss or total inability to use a module do to functionality or security problem.
1st response: As soon as possible
2. One or more users are unable to carry out critical business processes. A large number of users are unable to access the system as normal.
1st response: As soon as possible
3 One or more users are unable to perform some functions within the system. No critical systems/processes affected
1st response: 1 day
4. Minor or cosmetic problem with some functions within the
system. Does not stop system from performing designed function
1st response: 1 day - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Yes, at an extra cost
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
- Standard use of Slack. Text, video or audio chat available.
- Web chat accessibility testing
- No testing done
- Onsite support
- No
- Support levels
-
1. Total system loss or total inability to use a module do to functionality or security problem.
1st response: As soon as possible
2. One or more users are unable to carry out critical business processes. A large number of users are unable to access the system as normal.
1st response: As soon as possible
3 One or more users are unable to perform some functions within the system. No critical systems/processes affected
1st response: 1 day
4. Minor or cosmetic problem with some functions within the
system. Does not stop system from performing designed function
1st response: 1 day
All support charged at £80/hour on monthy 30 day account. - Support available to third parties
- No
Onboarding and offboarding
- Getting started
-
Initial consulation on line to capture requirement, scale and technical needs. Creation of statement of work to agree scope, SLA and payment terms.
Ad hoc video training as required with client.
Monthy reporting and monitoring to be agreed.
Deployment and testing. - Service documentation
- No
- End-of-contract data extraction
- FTP
- End-of-contract process
- FTP data transfer - Free of Charge
Using the service
- Web browser interface
- No
- API
- No
- Command line interface
- No
Scaling
- Scaling available
- No
- Independence of resources
- Dedicated cloud instances
- Usage notifications
- Yes
- Usage reporting
- Other
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- HTTP request and response status
- Memory
- Reporting types
- Real-time dashboards
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Staff screening not performed
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Physical access control, complying with SSAE-16 / ISAE 3402
- Data sanitisation process
- No
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Data layer
- Application layer
- Backup controls
- All backups are daily by default but can be changed to be more frequent as required.
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Users contact the support team to schedule backups
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
-
Less than 99.99% but equal to or greater than 99.0%
10% Credit
Less than 99.0% but equal to or greater than 95.0%
30% Credit
Less than 95.0%
100% Credit - Approach to resilience
- Available on request.
- Outage reporting
- Slack alerts, email.
Identity and authentication
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
- Strict named user Authentication over encryption.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Username or password
- Devices users manage the service through
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- Between 6 months and 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
-
Government grade
PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171 - Information security policies and processes
-
The IT infrastructure that AWS provides to its customers is designed and managed in alignment with best security practices and a variety of IT security standards. The following is a partial list of assurance programs with which AWS complies:
SOC 1/ISAE 3402, SOC 2, SOC 3
FISMA, DIACAP, and FedRAMP
PCI DSS Level 1
ISO 9001, ISO 27001, ISO 27017, ISO 27018
Reporting structure is customised to customer needs.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
The AWS service itself is under the developmental control of Amazon.
The middleware or application layers used in conjunction are subject to regular expert review for security or upgardes. - Vulnerability management type
- Undisclosed
- Vulnerability management approach
-
AWS threats are managed by Amazon which includes patching and updates.
Any middleware or application layer sitting on the service is covered under a seperate agreement and process. This can be based on individual customer needs or as circustances change. - Protective monitoring type
- Undisclosed
- Protective monitoring approach
-
Incidents are responded to according to agreed SLA included elsewhere in this document.
Monitoring takes place at Amazon. Application layers which sit on te service can be monitored for unusual activity using (specifically in a WordPress system) iThemes Security Pro Scan. Additional software can include Pingdom, Uptime Robot and NewRelic as additional cost items. - Incident management type
- Undisclosed
- Incident management approach
- Incidents are reported by either monitoring software, technican or client. A ticketing system linked to Slack notifys an incident in real-time to all parties to be dealt with under the agreed SLA.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- Other
- Other virtualisation technology used
- Amazon EC2 relies on Xen Virtualization for launching all of its instances. Every physical machine has a hypervisor running on it. A Xen hypervisor allows multiple instances to share a single hardware platform.
- How shared infrastructure is kept separate
-
An organization has one management account along with zero or more member accounts. You can organize the accounts in a hierarchical, tree-like structure with a root at the top and organizational units nested under the root. Each account can be directly in the root, or placed in one of the OUs in the hierarchy.
Different organisatiosns have different unconnected clound instances.
Energy efficiency
- Energy-efficient datacentres
- No
Social Value
- Fighting climate change
-
Fighting climate change
Vu is an Independently Verified CO2e Assessed Organisation:
https://vuonline.co.uk/carbon-policy/
Pricing
- Price
- £100.00 to £500.00 an instance a month
- Discount for educational organisations
- No
- Free trial available
- No