Finding good maintenance clients is harder than doing the actual work.
I've been doing WordPress maintenance for several years. The technical side - updates, backups, security monitoring - I figured out quickly. But for the first two years I relied entirely on word of mouth, which meant my client list grew randomly and slowly.
Then I started treating client acquisition like a system. Here's exactly what I do.
The core insight
Most WordPress freelancers send generic "I do web maintenance" pitches. They get ignored.
The emails that get replies are specific. They reference the actual site, the actual problem, and demonstrate that you actually looked.
This takes 3-5 minutes per prospect. It's worth it.
Step 1: Find prospects with real problems
I don't cold email random businesses. I find ones with specific, verifiable issues.
How to find them:
# Check WordPress version from page source
curl -s https://example.com | grep 'ver=' | head -5
# Check SSL expiry
echo | openssl s_client -connect example.com:443 2>/dev/null \
| openssl x509 -noout -enddate
# Quick uptime check
curl -o /dev/null -s -w "%{http_code}\n" https://example.com
For visual browsing, the Wappalyzer browser extension shows WordPress version and plugins on any site you visit. I use it while doing normal browsing - if I see a local business with an outdated stack, I note it down.
Where to look:
- Google Maps search for local business types, then check their sites
- Local business Facebook groups (look for people complaining about their site)
- LinkedIn connections who run businesses
Step 2: The "I found something" email
The single best opener I've found is mentioning something specific I found on their site. Not "I do WordPress maintenance," but "your site is running WordPress 5.8 which has a known RCE vulnerability."
Here's the sequence I use:
Email 1 (Day 1):
Subject: [Business name] website - quick heads up
Hi [Name],
I was browsing local [business type] websites and noticed your site is running WordPress [VERSION] - a version with a known security vulnerability that's been actively exploited since [DATE].
I thought you'd want to know before it becomes a problem.
I do WordPress maintenance for local businesses. Happy to fix this and check for other issues at no charge as an introduction.
Interested?
[My name]
That's it. 4 sentences. No pitch, no service list, no "I have 10 years of experience."
Email 2 (Day 5, no reply):
Follow up once with more context about the risk. Still no pitch.
Email 3 (Day 12, no reply):
Final email. Acknowledge you're going to stop following up. Sometimes this one gets the reply when the others didn't.
Step 3: The "free audit" variation
For prospects where the issue isn't obvious from the outside, I offer a free mini-audit.
Subject: Free WordPress health check for [Business]
Hi [Name],
I ran a quick check on your website and found a few things worth your attention:
- SSL certificate expires in 23 days
- WordPress is 14 months out of date
- Site loads in 7.2 seconds on mobile (Google recommends under 3)
I've put together a short report - no cost, no obligation. Want me to send it over?
The response rate to this is roughly double the cold issue email, but it takes more time upfront. For high-value targets it's worth it.
Step 4: Discovery call
When they reply, I do a 15-minute call. My goal isn't to pitch - it's to understand their situation and find out if I can genuinely help.
Questions that matter:
- When was the site last updated?
- Who handles it now? (Internal? Agency? Nobody?)
- Has anything ever gone wrong?
- How much time does the team spend dealing with site issues?
The last question usually ends the conversation. Nobody expects their answer to be "actually, we spend several hours a year on this." But they almost always do.
The numbers
From a typical month of outreach:
| Activity | Volume | Result |
|---|---|---|
| Prospects researched | 30 | - |
| Cold emails sent | 20 | - |
| Replies | 3-5 | 15-25% reply rate |
| Discovery calls | 1-2 | ~50% of replies |
| New clients | 0.5-1 | ~50% of calls |
At $150/month per client (conservative), consistent monthly outreach adds $75-150/month recurring indefinitely. Over a year, 8-12 new clients = $1,200-1,800/month added to your retainer income.
What I learned from getting it wrong
For the first two years, my emails were terrible. Paragraphs about my background. Lists of services. "I specialize in..." language.
Nobody replied.
The shift was understanding that nobody hires a WordPress maintainer because they want WordPress maintenance. They hire one because their site broke, their site is slow, or they're worried it will break.
Lead with their problem, not your solution.
The toolkit I use
- Wappalyzer - browser extension for instant tech stack detection
- GTmetrix - free site speed analysis (generates shareable reports for prospects)
- crt.sh - check SSL certificate expiry publicly
- UptimeRobot free tier - monitor a few prospects to catch when they go down (great conversation starter)
- Calendly free - scheduling link for discovery calls
Total cost: $0.
The templates
I've written out 5 complete email sequences (18 emails total) including the cold outreach variants, a referral request sequence, win-back campaigns, and a LinkedIn outreach system.
If you want to skip the writing: WordPress Client Acquisition Kit on Gumroad ? - use code DEVTO for 24% off.
What's your experience with cold outreach for freelance work? I'm curious whether the "specific problem" approach works in other niches the same way it does in WordPress.
More in this series: WordPress Agency Toolkit
- I automated WordPress maintenance across 8 sites
- How I land WordPress maintenance clients with cold email
- WordPress site running slow? 30-minute diagnosis checklist
- The WordPress maintenance business: real numbers and pricing
- WooCommerce maintenance: 8 checks that keep payments alive
- MainWP vs ManageWP vs custom scripts
- WordPress security: 10-minute monthly checklist
All tools and templates: devautomation.gumroad.com
Top comments (1)
This is one of the few cold outreach posts that actually sounds like engineering instead of motivational LinkedIn poetry 😄
The biggest takeaway here is simple: specificity beats volume every single time.
Most freelancers send “I build websites” emails, while you’re basically sending production incident reports with better manners 😂
Also love the idea of treating client acquisition like a repeatable system instead of waiting for referrals like a developer waiting for tests to magically pass.
The “lead with their problem, not your solution” line is probably the most valuable sentence in the entire post.
And honestly, showing someone their SSL expires in 23 days is the freelance equivalent of “your check engine light is on.”
Great reminder that good outreach is less about selling and more about proving you actually paid attention.