Monitor your website security, without installing anything.
We monitor your website security with 97 checks — from the outside, without installing anything, in plain language. We watch and alert you.
What we check on your website every day:
Platforms we analyse in depth
We also detect any website and perform a generic security analysis.
WordPress / WooCommerce
Detection of vulnerable plugins, exposed version, wp-admin access, checkout integrity.
PrestaShop
20 specific checks: known CVEs, vulnerable modules, Magecart-style injections.
Generic engine (97 checks)
SSL/TLS, headers, cookies, DNS/email, DNSBL reputation, WAF/CDN, technical GDPR.
We also detect (generic analysis):
You do not need to get hacked to have a problem.
A website without GDPR compliance, with poorly configured cookies or without accessibility is already subject to fines today — without anyone attacking you. And fines from the AEPD fall mostly on small businesses, not large corporations.
Most companies do not fail to comply out of bad faith: they fail because nobody tells them something went wrong. That is exactly what we do.
72% of AEPD fines fall on SMEs and freelancers.
Activate only what you need. We monitor it for you.
Web security
We monitor your website's security with 97 checks. If you also sell to the European Union, the GDPR applies to you and we tell you if you comply.
That easy. You do not touch a thing.
Monitor my site every day →
We check your website from the outside, just like anyone on the internet would. Nothing to install, no access to your server.
We alert you if something goes wrong
If we find an issue, we explain it to you by email in plain words: what it is, what could happen to you and what you need to do.
You decide what to do
You fix it yourself, pass it to your IT person, or leave it to your partner. No rush, but time to act.
Security and compliance without complicating your life.
No agents, no plugins, no touching your server. We look at your website the way anyone would from the internet — and we tell you clearly.
If you understand an email, you understand Astrópalo.
And just in case, we have your back too.
Beyond compliance, we monitor attack attempts, vulnerable plugins, expired certificates and data leaks. If something smells off, we alert you before it is too late — not 200 days later.
From 100 $/month. You only add the modules you need.
Start with the base monitoring and add compliance when you need it. Each module adds its price — no confusing bundles to decipher.
Base
Daily security monitoring · email alerts · monthly report · 1 website
And only add the modules you need (each one adds its price):
Reference price. Each partner sets their own terms and can offer you a tailored price.
Are you an agency, MSP or digitalisation agent?
Resell recurring compliance under your own brand. Set your prices, bill every month and leave the technical engine to us: you maintain the client relationship, we monitor their websites.
Looking for someone to manage it for you? Find a partner near you
FAQ
Do you need to install anything on my website?
No. We analyze your website from the outside, like any visitor. We don't access your server or control panel.
How do I sign up for Astrópalo?
Through a partner: an agency or professional who sets it up and manages it for you. We help you find one.
What regulations do you check?
Security best practices and whatever applies in your country. If you also sell to the European Union, we check the GDPR too. We tell you in plain language.
Does this prevent me from being hacked?
It greatly reduces the risk and alerts you to issues before they are exploited. But above all, it keeps you compliant and in control.
How much does it cost?
From 100 $/month for the base, and you add the modules you need. The final price is set by your partner.
How quickly do I see results?
The first analysis takes about 60 seconds. From then on, continuous monitoring.