Case Study dealstreetasia.com ↗

DealStreetAsia

From emergency security remediation to a pioneering headless CMS platform — a technology partnership built on trust and sustained delivery.

  • WordPress at Scale
  • Headless CMS
  • Security Hardening
  • Paywall & Subscriptions
  • Bot Mitigation
  • Slack & Mailchimp Integrations
How it started

DealStreetAsia was among our earliest engagements, beginning with a focused mandate to resolve a security issue on their site. Following a comprehensive audit and rapid remediation, we were retained as their long-term technology partner.

What we built

Significant capabilities, delivered over years of partnership

  1. Security Audit & Remediation

    The engagement began as a targeted intervention — a focused mandate to resolve a live security issue. We conducted a comprehensive audit, identified root causes, and shipped a rapid remediation that stabilised the platform and restored confidence.

    • WordPress Security
    • Vulnerability Assessment

  2. Subscription System & Paywall

    We designed and implemented a robust subscription system and paywall that effectively prevents content leakage to archive services and scraping platforms — protecting the core business model of a subscription-driven financial publisher.

    • Custom WordPress
    • Paywall Architecture
    • Anti-Scraping

  3. Platform Scale: 80,000+ Articles

    We scaled the WordPress installation to support a live corpus of over 80,000 articles without compromising performance — a non-trivial challenge requiring careful attention to database architecture, query optimisation, and object caching strategy.

    • WordPress at Scale
    • Database Optimisation
    • Object Caching

  4. Headless WordPress with Next.js

    Ahead of the curve, we transitioned the platform from a traditional WordPress frontend to a Next.js–based architecture, using WordPress purely as a headless CMS. This was well before the approach became mainstream — a decision that significantly improved performance, flexibility, and developer experience.

    • Next.js
    • Headless CMS
    • WordPress REST API

  5. Mailchimp Integration & Daily Digests

    The platform is deeply integrated with Mailchimp, enabling automated daily digests that deliver curated content to subscribers. The integration handles subscriber lifecycle management, segmentation, and delivery scheduling — keeping a demanding editorial audience consistently engaged.

    • Mailchimp
    • Email Automation

  6. Slack Subscription Workflows

    Since the operations team relies on Slack as their primary communication platform, we extended subscription management workflows directly into Slack through custom bot integrations — enabling the team to handle subscriber actions, receive alerts, and execute common tasks without leaving their workspace.

    • Slack API
    • Custom Bots
    • Workflow Automation

  7. Bot Mitigation & Edge Performance

    At the scale and visibility of DealStreetAsia, the platform is a constant target for scrapers and automated abuse. We built custom bot mitigation systems using Nginx with Lua-based extensions, alongside an in-memory caching layer capable of holding the entire content corpus — ensuring resilience during traffic spikes without service degradation.

    • Nginx
    • Lua
    • In-Memory Cache
    • Bot Detection

  8. Authenticated Admin Access via Vouch

    To secure administrative access, we implemented a Vouch proxy layer that restricts entry to authenticated users via Google Workspace — adding a meaningful additional layer of protection to the WordPress admin interface and substantially reducing its exposure to credential attacks.

    • Vouch Proxy
    • Google Workspace SSO
    • Nginx

Managing a large WordPress platform?

Whether you're dealing with performance at scale, a security concern, or a migration to a headless architecture — we've done it in production.

Start a conversation