11 Security Add-ons You Should Offer to Boost Your Hosting Revenue

Previously, Plesk CTO Jan Loeffler, talked about changes in the hosting market. And suggests hosters offer a custom, hyper-tailored security solution – at a higher price. This includes services like automated malware removal, antivirus, web application firewall, and anti-DDOS in existing hosting plans. But why does it pay to do so?

The benefits of selling security services with hosting

  1. You increase customer spending; thus bringing in more profit
  2. The entire hosting package is more attractive to customers
  3. You strengthen client loyalty and trust; hence client retention

Firstly, when you offer complementary security services (panel-integrated malware scanner/auto-malware cleanup), you up revenue, or create a new revenue stream. Secondly, embedded anti-viruses and other security solutions give a competitive advantage over other hosters. And finally, all those features bind the client to you – their hosting provider.

Hosting customers’ attitudes have been changing in the last three years because of mass infection and automated website hacks. So, site owners worry about security and are ready to pay for it. That’s what makes this a good time to offer security services with hosting.

What security services can hosters offer their clients?

On the left you can see four security services that require human participation. On the right, there are seven complementary services you can fully automate. Now let’s reveal the perks of offering each service.

1. Malware Removal

With thousands of websites hacked every day, web admins want a complete hosting service. One that cleans viruses, whitelists or blacklists domains, protects from re-infection and keeps sites up and running. This will have the most demand.

2. Managed Web Security

Customers want a dedicated security expert to handle security. That’s 24×7 monitoring, automatic file scans, integrity checks, regular domain reputation checks, vulnerability control, web attack protection and credentials management. It may be more profitable to outsource Managed Web Security to an expert. The service can either be optional for an existing plan, or a separate service with boosted security abilities.

3. Secured VPS

Managed VPS hosting is ideal for any user, regardless of technical level. Because the hosting provider handles technical server-related tasks, including service and OS components update, kernel patching, and HIDs setup.

4. Migration to HTTPS

While switching to HTTPS has many advantages, underestimating the process can be a disaster. For both rankings and traffic. You can’t just deploy an SSL certificate to the domain. Smooth migration to HTTPS needs a webmaster to adjust XHR requests, match the scheme, adapt page nav, and fix embedded objects. If you’re selling SSL certificates, this service is a good add-on.

5. Website Antivirus

Continuously monitors for malware, finds and cleans viruses, web-shells, backdoors and hacker tools, thus preventing damage. It’s an instant help for compromised websites and a must-have for any hoster.

Plesk already offers Revisium Antivirus. This is a smart malware scanner with one-click automatic malware cleanup and domain reputation check. The Shared Hosting Edition enables feature management integrated with service plans. So, any server admin can configure the antivirus for each service plan.

6. Website Security Monitoring

 This lets you stay in control of security and functionality. It checks websites and identifies issues at the earliest. You can also easily embed the service into the hosting panel, available for customers by per-domain subscription.

7. Web Application Firewall

Patch vulnerabilities and fix misconfigurations of web apps to save a hacked website from a second attack. Web Application Firewall resolves these issues using virtual patching and traffic filtering. It can also be seamlessly integrated into the hosting panel.

8. Virtual Patching

Sometimes, a CMS can’t update to the latest version. Because site owners want to keep old projects running under the same user account. So, the websites become vulnerable and threaten the neighbors. Virtual (or real) vulnerabilities patching is a lighter and cheaper solution than Web Application Firewall in this case.

9. Website Isolation

Each site must operate in an isolated environment to prevent access to site files and data. If you don’t implement this, you get mass infection under the user account – one hacked site results in cross-contamination. Good practice is to place each website under separate OS user accounts. Or in an isolated container like Docker, lXC, VM. Website isolation can be a separate paid service you can offer customers.

10. Extra Backups

Many users get an unpleasant surprise when they contact their hoster for an old backup and expect to roll back a site to a version older than 2 weeks. The solution may be to expand the user account with Extra Backup, which you activate right from the panel. So, customers can keep as many backups as they’re willing to pay for.

11. DDoS Protection

A DDoS attack happens when a network of computers sends a large volume of requests to a web server at the same time. With DDoS protection, a customer’s site is less likely to crash, and visitors are less likely affected by poor website performance. This service may also include spam-bot and HTTP flood protection – both very popular nowadays. So, the AntiDDoS might be a good option for hosting to resell.

How an Antivirus Solution Creates a New Revenue Stream

Currently, Plesk provides a ready-to-use antivirus and security monitoring solution, Revisium Antivirus (available as Free, Premium and Shared Hosting).

The latest Shared Hosting edition offers many uses via Permissions in Service Plans and per-user settings. So, server admins for example, can manage customers’ features and sell the malware cleanup service separately. Alternatively, they can enable some features for specific plans, like this:

  • Disable the antivirus for chip or free service subscriptions.
  • Make Scanner available for free plans and automatic cleanup for paid plans.
  • Have email notifications on malware detection for specific users only.
  • Antivirus for server admins only so they can check and clean customers’ websites.

So that’s 11 services hosters can add to existing service plans or as separate services. Take this strong competitive advantage to increase revenue and strengthen your clients’ loyalty. Then your next step is checking out more ways hosters can respond to customer expectations.


  1. I love being sure with everything you do, with security you are safe esspecially in businesses online

Add a Comment

Your email address will not be published. Required fields are marked *


  • Yes, please, I agree to receiving my personal Plesk Newsletter! WebPros International GmbH and other WebPros group companies may store and process the data I provide for the purpose of delivering the newsletter according to the WebPros Privacy Policy. In order to tailor its offerings to me, Plesk may further use additional information like usage and behavior data (Profiling). I can unsubscribe from the newsletter at any time by sending an email to [email protected] or use the unsubscribe link in any of the newsletters.

  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden

Related Posts

Knowledge Base

Plesk uses LiveChat system (3rd party).

By proceeding below, I hereby agree to use LiveChat as an external third party technology. This may involve a transfer of my personal data (e.g. IP Address) to third parties in- or outside of Europe. For more information, please see our Privacy Policy.