Virtual Patching Add-on
complete
Aurelio Volle
Description:
Our upcoming feature will introduce virtual patching to bolster your website's security. Virtual patching involves sending specific rules to mitigate vulnerabilities in software without altering the vulnerable code itself. Managed web application firewalls, like can automatically deliver virtual patches to your website when vulnerable software is detected. This innovative approach enhances security by intercepting and neutralizing threats before they reach your web application, ensuring a robust defense against exploitation attempts.
This will be an add-on made in collaboration with Patchstack and will not be included in WP Umbrella $1.99 pricing.
Key Benefits:
- Efficient Vulnerability Mitigation:Mitigate vulnerabilities in your software without the need to modify the original source code, minimizing disruption and risk.
- Proactive Security:Virtual patching intercepts and blocks malicious traffic in transit, preventing successful exploitation attempts and safeguarding your web application.
How Can You Help Us?
- Vote:Show your interest and support by voting for this feature on our roadmap.
- Share Your Ideas:Have additional suggestions or ideas related to website security? We're all ears! Share your thoughts with us.
- Tell Us Why This Is Important for you?Share your personal insights on why this feature is important to you to help us understand your perspective.
Aurelio Volle
Virtual Patching is now fully integrated in the report as well. It's automatically added to the security page if Site-Protect is activated on the site.
A
Akira Zabala
Aurelio VolleThis is awesome!! Thanks for this great addition!
Aurelio Volle
complete
We’ve completed our integration with Patchstack — and we’re offering much more than just Virtual Patching.
Meet Site Protect: our new add-on that automatically shields your websites from the most common security threats.
It includes:
✅ Virtual Patching for unpatched plugin/theme vulnerabilities
✅ Protection against user enumeration (via ?author=1, XML-RPC, REST API)
✅ Defense against clickjacking and XSS (via HTTP headers)
✅ Brute-force protection on exposed endpoints
✅ Blocking of file access probes (e.g., readme.txt, debug.log)
✅ Anti-spam for proxy comment attacks
✅ Hidden WP version to prevent targeted exploits
💸 Launch Pricing
- $2/month per site until June 30 (launch offer)
- $3/month per site after
No contract, no lock-in. Enable or disable anytime.
💶 Frequently Asked Questions About Site Protect
1) Can I replace my existing WordPress security plugin with Site Protect?
In most cases, yes. Site Protect offer virtual patching and also covers the most common WordPress-specific threats like plugin vulnerabilities, file access attempts, version exposure, and more. If you’re using a general-purpose plugin for basic hardening or virtual patching, Site Protect can likely replace it — with better performance and no configuration.
2) What’s the difference between Site Protect and Patchstack?
The main difference is that when you use the Site Protect add-on through WP Umbrella, you won’t get a standalone Patchstack account or access to their dashboard. Everything is managed directly inside WP Umbrella.
3) What is virtual patching?
Virtual patching protects your site by blocking known vulnerabilities — even before you update the affected plugin or theme. It acts as a safety layer, preventing exploits until an official fix is released and installed.
4) What kinds of attacks does Site Protect block?
Site Protect covers a wide range of common WordPress-specific threats, including:
Exploits in outdated plugins and themes
User enumeration (to prevent username discovery)
Access to readme.txt, license.txt, debug.log, and other sensitive files
Brute-force via XML-RPC
Version disclosure
Proxy comment posting
Clickjacking and XSS (via HTTP headers)
File editor abuse from within wp-admin
5) Does it scan for malware?
No — Site Protect focuses on prevention, not cleaning. We believe malware scanning should happen at the hosting level or during deployment. Site Protect stops known exploits before they become a problem.
A
Akira Zabala
Aurelio Volle Thanks for this awesome feature!! I'll try it ASAP. Is the promotional price grandfathered indefinitely for existing activations?
G
Gabriel
Akira Zabala In the info text they say: The Site Protect add-on is currently available at a launch price of 2€ per site/month.
✅ This price will be locked in for any sites you add before the end of the month.
⏳ After that, the price will increase to 3€ per site/month for any newly protected sites.
D
David Mitchell
Gabriel I had the same question, as it wasn't clear whether the launch price was only for the first month. Thanks for adding the explanation from the announcement modal on the dashboard.
D
David Mitchell
Aurelio Volle — this looks great!
As a current Patchstack customer, would we need to uninstall the Patchstack plugin from each protected site before enabling the WP Umbrella add-on?
Aurelio Volle
in progress
We've started the active development of this integration with Patchstack.
Phil B.
Aurelio Volle awesome!
Phil B.
I'm eager to see this! Any updates on this?
A
Andy Tate
Aurelio Volle Do you have any update on this please?
Dusin Dauncey
This would be pretty awesome, hopefully only an additional $0.50 or $1.00 USD to each site. For those who use Patchstack already separately, it'd be good to have it integrated so that there wouldn't be a need for it as an add-on if they can link with their existing PatchStack account perhaps.
Jayden Moey
any update on the implemetation?
C
Chris Key
Love this. As others have said, needs to work when patchstack already exists on site.
K
Kade McConville
I too have many sites in WP Umbrella already using Patchstack. I'd like to see a deeper integration with Patchstack to include metrics in monthly reports (from patchstack).
Jayden Moey
Hey guys, any timeline for the implementation of virtual patching?
Load More
→