SolidSite for WordPress SolidSite for WordPress
Private beta

SolidSite is your private WordPress publishing platform. We take WordPress off the public internet and serve your finished site from the edge - fast, secure and private.

SolidSite keeps WordPress where it belongs: locked away in your own private environment, never exposed to the open web. Your team keeps publishing exactly as they do now, and the SolidSite plugin builds a fast static version of your site right inside WordPress, then pushes it out to the edge of the internet. No public PHP, no database on show, no attack surface to defend - just a site that loads instantly and stays online even when WordPress is off.

For now, SolidSite is in private beta and open to just a select number of teams. You're welcome to register your interest or chat with us to find out more.

Fast. Secure. Private. WordPress.

We take WordPress off
the public internet

Your content stays in WordPress. Your website is delivered from the edge - so there is nothing public to attack and nothing slow to load.

WordPress Private

No public access to your server.

Static, Fast, Global

Delivered from the edge, everywhere.

Secure by Design

No PHP, no database, no attack surface.

Publish in Seconds

Incremental, atomic, instantly live.

Always On

Online even if WordPress is offline.

How SolidSite works

Private in.
Edge out.

1

Private WordPress

WordPress runs in your own environment - and never answers the open web.

  • On premises or private cloud
  • Behind a VPN or Zero Trust
  • No public HTTP / HTTPS
2

SolidSite plugin

A plugin inside WordPress builds your static site and pushes it out.

Render Build Optimise Publish
  • Built locally, pushed out
  • Incremental & atomic
  • Versioned, instant rollback
3

Global Edge Delivery

Your site is served to visitors from the edge of the internet.

  • Edge caching, lightning fast
  • Always available
  • Close to every visitor

Visitors get a fast, secure experience anywhere. Forms and search still work - handled through outbound polling, so your WordPress never needs inbound traffic.

Perfect for

Built for teams that
can't afford to be exposed

Government & Public Sector
Enterprise Organisations
Higher Education
Financial Services
Agencies & Developers
What's included
WordPress kept fully private
No public PHP or database
Static delivery from the edge
Forms & search via outbound polling
Publish in seconds, atomically
Version history & instant rollback
Works with Zero Trust or VPN
Plugin compatible - Elementor, ACF & more
Stays online even if WordPress is down

The result: A WordPress site that is invisible to attackers, lightning fast for visitors, and always on.

Our approach

How we
deliver it

01

Render

The SolidSite plugin runs inside WordPress and renders your pages to static HTML - all locally, with nothing exposed to the internet.

02

Build

It assembles the static site, capturing only what changed for fast, incremental publishing.

03

Optimise

Pages and assets are optimised for speed so every one is ready to serve the instant a visitor asks for it.

04

Publish

The plugin pushes the finished site out to the edge - an outbound push, so WordPress never has to accept an inbound connection.

No. Your team keeps writing and editing in WordPress exactly as before. SolidSite handles publishing and delivery quietly in the background.

Yes. SolidSite works with the tools you already rely on - Elementor, ACF, Gravity Forms, Forminator, SEO and analytics plugins, and thousands more.

The SolidSite platform captures form submissions and search queries at the edge and passes them to your WordPress through outbound polling. Your site reaches out to collect them, so forms and search keep working without WordPress ever accepting an inbound connection.

Your live site keeps running. Because visitors are served a static copy from the edge, your presence stays online even while WordPress is down for maintenance, updates or an outage.

Anywhere private - on premises, a private VPC or cloud, or behind a VPN, Zero Trust access or Tailscale. SolidSite only needs a secure outbound connection to it.

SolidSite is currently in private beta. Speak with us to learn more and register your interest in early access.

Why private WordPress

The most popular CMS in the world is also the most attacked

You cannot attack what you cannot see. SolidSite takes WordPress off the public internet entirely.

WordPress runs a huge share of the web, which is exactly what makes it the single biggest target on it. SolidSite's answer is refreshingly blunt: stop putting the engine on the public internet at all.

Almost every WordPress horror story starts the same way - an open door nobody meant to leave open. A plugin a version behind. An exposed login page being tried thousands of times a night by bots that never sleep. A database sitting one misconfiguration away from daylight. The usual response is an arms race of firewalls and scanners, all working furiously to defend something that did not need to be publicly reachable in the first place.

SolidSite takes the target off the board. WordPress stays in your private environment - on your network, in a private cloud, behind a VPN or Zero Trust access - and never answers a request from the open internet again. There is no public PHP to exploit, no database to reach, no admin page to brute-force. You cannot attack what you cannot see, and to the outside world your WordPress simply is not there.

What visitors get instead is a fast, static copy of your site, published in seconds and served from the edge of the internet - close to wherever they happen to be. Static pages have no code to execute and nothing to inject, so they are both dramatically faster and dramatically safer. The result feels less like a website and more like infrastructure: quick, quiet and hard to knock over.

Publishing stays effortless because nothing about your day changes. Your team writes and edits in the WordPress they already know, hits publish, and the SolidSite plugin builds the change and pushes it live - atomically, with a full version history and a one-click rollback if a change ever needs undoing. The plugins you depend on keep working; the workflow you trained everyone on stays intact.

And because the live site no longer depends on WordPress being reachable, your presence stops being fragile. Update plugins in the middle of the day. Take the server down for maintenance. Weather a traffic spike that would have flattened a normal install. Through all of it, the version your customers see keeps loading - fast, secure and online. That is the quiet promise of SolidSite: your content still lives in WordPress, but your website no longer has to depend on it.

How it compares

The same WordPress.
None of the exposure.

Locking the backend behind Zero Trust or a VPN helps - but the public site still runs on WordPress. SolidSite removes the public runtime entirely. Here is how the three approaches stack up.

Included Partial or manual Not available
Capability
WordPress
+
SolidSite
WordPress
+
Zero Trust
Standard
WordPress
Architecture
Public site runs independently of WordPress
WordPress becomes a private publishing engine
Public site served from the edge
Static HTML delivered to visitors
No public inbound HTTP / HTTPS required
Performance
Static page delivery
Edge caching by default
Handles traffic spikes without scaling WordPress
Reduced database load
Instant rollback
Security
Public WordPress runtime removed
Public PHP execution removed
Public database access removed
Public login endpoint removed
No anonymous PHP execution
SQL injection exposure reduced
Operations
One-click publish
Publish only changed pages
Deployment logs & verification
Public site stays online if WordPress is offline
Compatibility - no trade-offs
Existing hosting retained
No headless rebuild required
Elementor, ACF & Gravity Forms
SEO & analytics preserved
Works with Wordfence & Patchstack

Residual risk, side by side

If the worst happens
WordPress
+
SolidSite
WordPress
+
Zero Trust
Standard
WordPress
Origin discovery
Low
Medium
High
Compromised administrator
Low
Medium
High
Malicious plugin
Low
High
High
Compromised WordPress server
Low
High
High

Summary comparison of common approaches - your exact setup may vary. WordPress + Zero Trust refers to the common enterprise setup of the backend only protected by Zero Trust, while the frontend remains public.

SolidSite is currently in
private beta

We're onboarding a small group of teams while we refine it. If private, edge-served WordPress sounds like what you need, speak with us to learn more and register your interest in early access.