We have a static website hosted on Microsoft Azure. Our marketing team wanted a easy way to update it so WordPress was installed on Azure, the site was created, marketing team updates it. A WordPress plug-in exports their updates as HTML which is shown on the static website. By not allowing WordPress to constantly run, it reduces our risk of WordPress vulnerabilities.

1. Can using plug-ins like WordFence, iThemes security help for a case like this?

2. How can I ensure when newer versions of WordPress is released, it is updated automatically?

3. Any other advice would be appreciated.

I have gone through