We have a static website hosted on Microsoft Azure. Our marketing team wanted a easy way to update it so WordPress was installed on Azure, the site was created, marketing team updates it. A WordPress plug-in exports their updates as HTML which is shown on the static website. By not allowing WordPress to constantly run, it reduces our risk of WordPress vulnerabilities.
Can using plug-ins like WordFence, iThemes security help for a case like this?
How can I ensure when newer versions of WordPress is released, it is updated automatically?
Any other advice would be appreciated.
I have gone through