Agencies inherit badly maintained sites and underquote the true cost. Install the scanner on the site you're being asked to take on and get an honest risk verdict — and a recommended price band — in seconds.
FROM $49/YEAR · LIFETIME OPTION · 14-DAY GUARANTEE
“We quoted a standard care plan. Three weeks in we found end-of-life PHP, a bespoke theme nobody documented, two abandoned plugins and a database dump sitting in the web root. We were doing remediation for free.”— the takeover that ate the margin
The cost of a site you inherit is hidden until you're already committed. WP Takeover Scanner surfaces it before you send the quote.
Everything is read from the site itself, so the assessment is instant and works on a site you've only just been handed.
PHP & WordPress versions, the plugin estate, plugin conflicts, admin accounts, custom code, cron load, database weight, update posture, security posture, backup debris & exposure, and maintenance complexity. Each finding is scored and rolled into a single risk figure.
The weighted score becomes a plain verdict, and each verdict maps to an editable support price band you set to your rate card. The assessment doesn't just flag risk — it tells you what to quote, or whether to price a remediation project first.
The instant scan flags plugins with no wordpress.org updates. The optional deep scan asks wordpress.org for each plugin's last author-update date and tested-up-to version — surfacing plugins abandoned 2+ years and ones untested on your WordPress branch.
Database dumps, backup archives, an exposed .git directory, public debug logs — the sweep finds .sql / .wpress / .tar.gz files, oversized zips, backup folders and readable logs. Often the single scariest finding in a real takeover, and a fast credibility win in your report.
Produce a print-ready assessment with your logo, colour and agency name — the verdict, the price band and every category finding. Attach it to the proposal so the client sees exactly what they're asking you to take on.
Low, Medium or High, and the monthly support tier you should be quoting for it.
Every category with a severity, so the risks that matter are impossible to miss.
Abandoned plugins, exposed backups, dead PHP — the costs that don't show up until week three.
A branded report the client can read, so a defensive quote looks professional, not pessimistic.
The alternative to a scan is a hopeful guess and a standard price. Here's what changes when you see the site first.
| WP Takeover Scanner (us) | Quoting blind | |
|---|---|---|
| Know the risk before you commit | ✓ Verdict in seconds | ✗ Find out in week three |
| Abandoned / untested plugins | ✓ Deep scan flags them | ✗ Discovered the hard way |
| Backup debris & exposure | ✓ Swept automatically | ✗ Usually missed |
| A number to quote | ✓ Verdict → price band | ◐ Your standard rate, fingers crossed |
| Consistent across the team | ✓ Same assessment every time | ✗ Depends who looked |
| Client-ready justification | ✓ Branded PDF | ✗ None |
| Read-only & safe on a live site | ✓ Never modifies anything | ✓ |
| Replaces a manual security audit | ◐ Flags risk, doesn't replace it | ✗ |
The scanner doesn't replace a proper code review and security audit on a serious takeover — it tells you how much of each to budget for, and gives you the evidence to quote it. Full comparison →
Every plan includes every feature — all eleven categories, the deep scan, editable price bands and the branded report. You're only choosing how many sites.
25 sites · for agencies
Unlimited sites
Unlimited sites, forever
Prices in USD. Licence keys are domain-based — no accounts, no phoning home. VAT invoices available.
Eleven categories, all read live from the site with no external calls (except the optional deep scan): PHP and WordPress versions, the plugin estate, plugin conflicts, administrator accounts, custom code, cron load, database weight, update posture, security posture, backup debris and exposure, and overall maintenance complexity. Each is scored and weighted into a single risk figure.
The weighted score produces a Low / Medium / High verdict, and each verdict maps to an editable support price band you set to match your rate card. So the assessment doesn't just flag risk — it tells you roughly what to quote, or whether to price a remediation project first.
The instant scan flags plugins that receive no wordpress.org updates (custom, premium or abandoned). The optional Deep Scan then asks wordpress.org for each plugin's last author-update date and tested-up-to version — surfacing plugins abandoned for 2+ years and ones untested on your WordPress branch.
Inherited sites are notorious for database dumps, backup archives and exposed .git folders left in the web root, plus public debug logs. The scanner sweeps for .sql / .wpress / .tar.gz dumps, oversized zips, backup-looking folders, an exposed .git directory and readable log files — often the scariest single finding in a real takeover.
Yes. Produce a branded, print-ready PDF assessment (your logo, colour and agency name) with the verdict, price band and every category finding — ideal to attach to a quote so the client understands what they're asking you to take on.
No. It's read-only: it assesses and reports, it never modifies the site. A takeover should still include a manual code review and a proper security audit — the scanner tells you how much of each to budget for.
Order through the form and your licence key and invoice arrive by email, usually within the hour. Keys are domain-based — no account, no phoning home, no lock-in.
14-day money-back guarantee, no questions. Email us and we refund you.
Order below and your licence key and invoice arrive by email — usually within the hour. Install on the site you're assessing, run the scan, and attach a branded risk report to your proposal today.
14-DAY MONEY-BACK GUARANTEE · SUPPORT BY ACTUAL HUMANS