THSP Website — Ongoing WordPress Maintenance

Background

The Health & Safety Partnership (THSP) is a UK-based consultancy delivering health, safety, and HR services across 48+ industries. Their public-facing website at thsp.co.uk is a complex WordPress installation — a content-rich platform with a custom theme, multiple premium plugins, a Knowledge Hub, case studies, and event functionality — serving as the primary business development and credibility asset for the organisation.

The site had been running without active technical oversight. Issues had accumulated quietly in the background: a database growing out of control, backups going to a former agency's account, high-risk plugins updating themselves without review, and PHP errors in the error log that had never been investigated. Nothing had broken visibly — but the technical foundations were in worse shape than anyone had realised.

Bright Web took over ongoing maintenance in April 2026, establishing a structured monthly support retainer to keep the site secure, up to date, and technically sound.

How We Work

As part of taking over the retainer, a dedicated local development environment was set up — a complete private copy of the site running on a separate machine. All updates and changes are tested here before anything touches the live site, significantly reducing the risk of an update causing a problem that visitors would see.

A documented monthly maintenance process covers plugin and core updates, security checks, backup verification, error log review, and visual checks across key pages. Each month, a plain-English client summary report is produced so THSP can see exactly what was done, what was found, and whether any decisions or actions are needed from their side.

Month One: What We Found and Fixed

The first month combined backlog clearance — resolving issues that had built up without oversight — with the standard routine maintenance package.

Database Bloat: 670 MB Recovered. A bug in the Really Simple Security Pro plugin had caused the site's security event log to grow indefinitely — accumulating 15 months of data, 5.3 million rows, and 674 MB of storage, representing 73% of the entire database. The cleanup function existed in the plugin but was wired to the wrong internal event, so it never ran. A small fix was deployed that correctly triggers the cleanup each day. The old data was cleared, recovering 670 MB, and the log will now automatically prune entries older than 30 days going forward.

Backup Configuration: Secured. The site had been sending weekly backups to a Dropbox account belonging to Valiant, the previous agency. As that relationship had ended, the destination was no longer appropriate or accessible. The backup destination was updated to the current server, and a daily database-only backup was added alongside the existing weekly full backup. Both schedules were tested and verified.

Auto-Update Policy: Tightened. Several high-risk plugins had automatic updates enabled — meaning they could update themselves without notice at any time. An unexpected update to the wrong plugin can break page layouts, search functionality, email delivery, or the caching layer. Manual update control was implemented for eight critical plugins including Advanced Custom Fields Pro, Yoast SEO, Search & Filter Pro, Post SMTP, and WP Fastest Cache. Low-risk utility plugins remain on auto-update. WordPress minor version security patches also remain on auto-update; major core updates are now manual.

PHP Error Fix: Knowledge Hub Template. The site's PHP error log contained repeated warnings from the Knowledge Hub listing template, caused by variables that could be uninitialised in certain conditions — a latent issue in the custom theme code. The affected variables were initialised with safe defaults and deployed to production. No further warnings have appeared since.

Plugin Updates & Post-Update Testing. All plugins were brought fully up to date, including two premium plugins (Duplicator Pro and Really Simple Security Pro) that required manual licence-key verification. Following updates, the site was checked across desktop and mobile on key pages including the homepage, navigation, search, and five service and content pages. No issues were found.

Outcomes

After month one, the THSP website moved from an unmonitored, technically degraded state to a clean, secure, and properly managed platform. The database is healthy, backups are working correctly, plugin updates are under controlled review, PHP errors have been resolved, and WordPress core is current. The site health summary at the end of the first report:

WordPress core: up to date (6.9.4) · Plugins: all up to date · PHP errors: resolved · Database: cleaned (670 MB recovered) · Disk space: healthy (49% used, 240 GB free) · Automated backups: configured and working · Auto-update policy: tightened.

Ongoing monthly maintenance continues, with a client summary report delivered each month so THSP always know the current state of their site.

Technologies & Tools

WordPress (6.9.4), PHP, custom theme, Advanced Custom Fields Pro, Yoast SEO, Search & Filter Pro, Relevanssi Premium, Post SMTP, WP Fastest Cache, Really Simple Security Pro, Duplicator Pro. Local development environment for safe pre-production testing.

What Our Client Says

"Glen has been a standout addition to our business. From the moment he joined as an extension of our IT team, he felt like part of the company rather than an external provider. The difference compared to a traditional agency relationship is significant. Glen is invested, proactive and genuinely cares about outcomes, not just tasks.

He consistently anticipates issues before they arise, responds at pace and brings a level of ownership that is rare. Nothing is ever too much trouble, and his approach removes friction rather than creating it.

For a small business like ours, choosing Glen has been absolutely the right decision. He offers the capability, responsiveness and trust you would expect from a much larger function, combined with the personal approach that makes working with him a pleasure. We are delighted to have him supporting us."

Kirsty Maynard, Commercial Director, THSP

Visit the Website

thsp.co.uk

Is Your WordPress Site Running Without Active Support?

Most WordPress problems are invisible until they aren't. Bloated databases, misdirected backups, uncontrolled plugin updates, and silent PHP errors are common in sites that have been left without regular technical oversight.

We offer monthly WordPress maintenance retainers for established business websites — with a plain-English report each month so you always know what's been done and what's happening under the hood. Get in touch to find out more.