Hi, I’m Tim Nash
I like to scare people at conferences

I talk (a lot) about WordPress and security as well as subjects like performance and system administration at events and even occasionally on my blog

I am a WordPress security consultant who helps agencies and business owners to secure and scale their websites and processes.

Picture of Tim Nash, arms crossed

We took an enormous amount of value from the short session and can highly recommend Tim's expertise and approach.

Mark Lansdale Portrait
Mark Lansdale
Candle Digital

Let's chat about your security?

Book a FREE 20 minute call with me to see how you can improve your WordPress Security.

(No Strings Attached, honest!)

Tim Nash at Steelcon 2019

WordPress Security Consultant, System Administrator & Developer


How many hats does one person need? Tim has certainly tried his hand at most of them. Tim’s background is in both development and security, he has run a development agency as well as developing and managing one of the largest WordPress hosting platforms in the UK. Today Tim is a WordPress security consultant, helping organisations with support, consultancy, training in WordPress security and WordPress hardening.

Part of the WordPress community


Tim has been actively involved in the UK community since, well, there has been a UK community. He has helped organise WordPress Leeds, the oldest User Group in the country, for over 10 years. He is one of the admins for the WordPress Community UK Slack group as well as having spoken at nearly every UK WordPress User Group.

Core Contributor
Plugin Developer
Meetup Organiser
Support Team
WordCamp Speaker
UK Slack Admin
Tim Nash at WordCamp London Tim Nash at Steelcon 2019

Tim Talks a lot at conferences and at smaller user groups


While normally focusing on WordPress and Security, his topics have been pretty varied, from testing methodologies through to robbing banks. His talks tend to be entertaining and informative. His goal is to make things accessible but also to make it easy for people to research.

Tim is nearly always happy to come and talk to your group or conference; for information, see his Speaking Page.

Helping you and your customers stay safe


WordPress Security Consulting Services

Power Hour Consulting

Want to get expert advice on your site's security? Whether you're dealing with a hacked site or looking to future-proof your security, Tim will provide personalised guidance and answer any questions you may have. A power hour call is an ideal starting place for a project or a way to break deadlocks in complex problems.

Learn more

Site Reviews

Want to feel confident about your site's security and performance? A website review from Tim has got you covered. Using a powerful combination of automated and manual testing to analyse your site for any potential vulnerabilities or performance issues. With a comprehensive report and, importantly, recommendations for each action required.

Learn more

Code Reviews

Is your plugin or theme code secure and performing at its best? Tim provides a comprehensive code review, that combine the power of manual and automated testing, as well as a line-by-line analysis of your code base. With actionable insights, to help you optimise your code's security and performance.

Learn more

Or let's chat about your security?

Book a FREE 20 minute call with me to see how you can improve your WordPress Security.

(No Strings Attached, honest!)

“I hired Tim to do an audit on one of our most popular plugins, not only was this one of the best business decisions I have made. It was an invaluable experience and one I would highly recommend to any other plugin/theme developers. The takeaways from this have been super beneficial to my business (both in coding and business) and I now have the confidence to grow and take it to the next level!”

Aaron Bowie
Aaron Bowie
MD We Are AG

“Our team have built countless WooCommerce sites but this was our first foray into releasing a product and we wanted to be sure on the code quality, scalability and security of our code. Tim was thorough, detailed and exceptional at walking us through the issues in our code. For me what was more important though, was that he did so in a very kind and insightful way that motivated the team, improved the plugin but also helped us implement tools and processes into our workflow that has benefitted us across the board in all work we do. I could not recommend this service more highly and I wish we'd done it sooner!”

Phil Morrow
Phil Morrow
Director Happy Kite Ltd

Latest Articles

Advisory: Advanced Custom Fields changes

Action maybe required for some users

Tim has published an advisory to his clients on changes to ACF and is publshing them in public.

In the world of WordPress, a little automation can go a long way?

Do you fear automatic updates?

Are WordPress Automatic updates with multistage testing, backups, and alerts more reliable than manual updates? Let's discuss!

📢📢📢 WordPress User Security Workshop!

Live Event on August 29th 2024

Join my WordPress User Security Workshop on August 29, 2024! Learn about user account management, authentication, and monitoring. Early bird pricing available until August 8.

Still blogging like a confused hacker!

My PHP/WordPress Application Server Stack in 2024

How is this site powered? I'm pretty sure your site isn't running this application stack for WordPress! Featuring Caddy, PHP-FPM, Tailscale.