The perfect WordPress host

I’m increasingly convinced there’s a market out there for some kind of managed WordPress hosting. A provider with special expertise in WordPress, PHP and MySQL. Someone who can look after patches etc automatically for you. Who has the knowledge and tools to offer better-than-average security. But crucially, who is also happy for competent people to mess around a bit.

There’s really no argument with the power of WordPress, its simplicity, and (of course) its price. So the point for debate when I go to pitch a WP-based idea, is where it will sit, how secure it will be there, and who will look after patches and updates. Of course, there are good answers to those questions:

  • use wordpress.com, and let Automattic themselves take care of it all;
  • self-host, and self-manage;
  • some kind of rolling arrangement, where you bring Mr Consultant back in as and when;

but I’m thinking of a brilliant answer. One whereby the supplier pledges to apply additional security measures, and to install any patches / security updates to WordPress, PHP or MySQL as soon as they become available… but still gives freedom to designers / developers to make reasonable use of plugins (etc).

Of course, that doesn’t cover you for potential weaknesses in the plugins: and the perfect host would take some responsibility here too – vetting, approving, updating, whatever. I’d be looking for some kind of proactive communication, bringing things to my attention as and when. And of course, let’s not forget the inevitable hosting questions of bandwidth, 24/7 monitoring, disaster recovery, and so on.

If such a hosting provider exists, I’ve yet to find them. I know of several well-regarded services aimed at serious developers; but I haven’t yet seen any aimed at the emerging class of designers with reasonable tech skills.

And I’m steadily becoming convinced there are enough of us around, small-scale operators producing customised WordPress sites, to make it a viable business. Clients would unquestionably pay a decent premium annually for managed hosting like this, especially when the base software itself is free of charge.

It’s not something a solo operator could take on, but I’m wondering if there are people reading this who could help make it happen. Some kind of cooperative, perhaps? Somebody already in the hosting business, with PHP and MySQL skills, but no WordPress t-shirt yet?

Please, if anyone has any thoughts, suggestions or draft business plans… stick a note in the comments, or drop me an email.

12 thoughts on “The perfect WordPress host

  1. I think the main issue is how plugins would be handled — I’d love for the hosting company to take care of the updates of all the WP installations i’m responsible for (having spent a good hour or two today doing 2.6.2 updates). To be able to recommend a hosting service like this to a client would save a lot of headaches.

    The problem comes from when something changes to affect a plugin you’ve relied upon — the host vetting all plugins used would be time consuming and restrictive (especially if you hack them or build your own for certain sites). I’ve also got sites where I’ve had to hold back from updates as 2.6.1 doesn’t play well with bbpress for example.

    If there was a method of testing or quick roll back or even being able to specify security patches only automatically and the rest managed by a click…

  2. I think the problem is that a host would only be able to offer a fixed number of plugins other wise they would spend all their time constantly updating, so they would only be able to offer the main wordpress then update the security patches when needed.

  3. Hello from a cooperative worker. I think it would be pretty simple to do the above, but how much are you willing to pay for it? The WordPress-MU hosting server I’m running isn’t making me any money yet, so I’m reluctant to launch another.

  4. @David Granted, the plugins thing is optimistic. With 2,500-ish plugins out there, and more appearing all the time, it’s probably too much to expect. But hey, like I said, it’s a nice ideal to aim for.

    It would be enough, to start with anyway, for someone to take on responsibility for security patches and ‘minor’ updates (eg 2.6 to 2.6.1) to the core WP install, and its absolute dependencies.

  5. I run a managed dedicated server and want to increase usage to the point where it gives me a much better rate of return. I’ve installed my WP installations individually, not using MU. I t was my understanding that MU didn’t allow individuals to install their own plugins, but I could be completely wrong about this.

    Also, it may be better to upgrade individually, so that discussions about plugins could take place with developers prior to upgrading and possibly breaking an installation. I’m thinking providing a testing platform prior to ‘taking the plunge’. Of course, the supplier would build up a knowledge of which plugins work with new upgrades/security fixes.

    I have to say I’d put myself in the mid-geek category, but have just started working towards a degree in computing and Internet technologies.

    But maybe a co-operative effort with others filling in knowledge gaps would work. Start off in a smalland low-key way. Happy to be transparent regarding my methodologies, with those that feel this would be a way forward.

    I’d also need to put together costings, as I need to avoid financial millstones.

    Early days.

  6. “It was my understanding that MU didn’t allow individuals to install their own plugins, but I could be completely wrong about this.” — Yes, that’s completely wrong. You can use one of the plugin-installing plugins to let people install their own. Additionally, you can force plugins (antispam? sitemaps?) across all sites on an MU.

    However, there’s no *need* to use MU for single-wordpress/multi-blog if you don’t want to.

    Oh well, seems like no-one’s willing to state their price point in these comments. ;-)

  7. From a potential service user’s point of view, I think this is a great idea. Two years ago I specifically chose DreamHost based on the fact that they provide one-click installs and upgrades etc. for WordPress. Now that I have several clients’ sites using WP as a CMS, keeping an eye on the upgrades and patches is a bit long-winded and not something I want to spend my time on. As Jon mentioned above, “testing or quick roll back” options would be great.

    I would quite happily pay a premium for a hosting provider who could take care of the WP maintenance yet also be supportive and flexible on the customisation of individual WP installs.

  8. I run three specific ‘Managed WordPress’ installs for niche markets – one for writers/authors – one for mental health, and one for the ‘general’ market. None do particularly well because people don’t seem to be able to seperate the concept of paying for expertise (with a donation back to WordPress) from a piece of open source software.
    Updating the plugins is about to – officially – become next to negligible, from what I’ve seen/tested – updating the core is what’s going to increasingly upset people, given it seems to break if you don’t do it *just* right. It’s no longer a five minute install (but it’s close), but anything like this is probably going to face stiff complaints unless someone steps up to the plate and evangelises the differences between expertise and push button. I’m slowly working on that too ;)

  9. I’d be very happy to pay a premium for a secure service, but not the kind of premium Automattic charge for this http://wordpress.com/vip-hosting/

    I want to set up (or more specifically, involve students at my son’s school in setting up a number of WordPress installations connected with projects the parents’ association is running. One of them involves putting the school’s newsletter online using a Revolution theme.

    But there’s a lot of talk around – on the web and elsewhere – about security vulnerabilities in WordPress. Lots of reasons for this, and obviously no platform is totally secure, but WordPress attracts a lot of attention simply because of its number of installed sites.

    So a host which could guarantee pretty high levels of defences from hacks would be worth paying for, particularly for a school site, just not worth as much as WP VIP charge – assuming you get through their application process, that is.

  10. Hi, I ran across this pounding my head on my keyboard trying to figure out how to manage a wordpress client. I have a small hosting company in the US. We basically only offer services to customers who need something unusual – like tech companies who need subversion repos and trac and and private spaces nobody can get to… But along the way we have picked up occasional other clients with small budgets and sometimes very little technical know-how. WordPress – seems to be a great tool for getting them up and running.

    So we decided to test the waters.
    Our model is to set up a wordpress instance ($250 us)
    it comes with a suite of available themes and popular plugins
    Then we charge 85 per month if no comments are allowed.
    IF comments are allowed we would need to potentially charge more if bandwidth got crazy – I have yet to find a model for pricing that is really fair on both sides as the machine maintenance (we own all our machines) can get pricy as well as the cost for power and bandwidth at the datacenter.

    We are very security conscious! – most of the team here is involved in development projects (software) for the entertainment industry on the technical side.

    So what would a fair price be? What would you like to have?

Comments are closed.