WordPress has become a victim of its own success. Its global ubiquity means that it presents a large, attractive target to hackers. As well as this, being an Open Source application with a published codex means that potential hackers can study its code base to look for vulnerabilities.
The WordPress framework also allows for the integration of 3rd party plugins. This brings unlimited extra functionality to the WordPress application, some of it for free - but its also brings added security vulnerabilities. Whilst the WordPress plugin repository is strictly curated and plugins are tested for a range of best practice and security policies, it means that the potential for security loopholes is greater if you use plugins.
For these reasons, the importance of extra WordPress security cannot be over-stated.
We have an armory of tools and techniques up our sleeve to secure your WordPress site and keep it secure.
Our four-pronged approach to website security is comprised of:
- Core and plugin updates
- Multi-faceted Security Hardening
- Heuristic end-point application firewall
- Real-time Monitoring & alerts
- Website application firewall is a kind of 'bad guy' filter that learns as it goes, filtering out suspicious traffic
- Enforced strong password policies
- Brute-force login defence using black lists and time-based throttling techniques
- Proactive reviews & patches of security threats like core WordPress bugs, plugin exploits, and so on
- Up-to-date server software
With our WordPress Security Plan, we backup your site up daily to an offsite location.
Example of a Firewall stopping attacks
Some info on viruses:
Viruses typically will stay hidden and use your website and server resources for their own purposes. Many site owners report ads appearing intermittently on their site and/or automated redirection to another site. As well as this, any compromised site will have its database exposed to the hackers. They will typically use this as a commodity.
The security aspect of our Update & Protection package works by first hardening security as much as possible. There are a number of techniques behind this. Then by adding a software firewall to the site. This is a kind of 'bad guy' filter that monitors all traffic and blocks anything deemed suspicions. Then by setting up live monitoring of the site and database for any changes and linking this to real time email alerts to StayPress.
Details are all here, where you can also subscribe to the service.
Based in Brighton, we have WordPress Security clients across Sussex and even as far afield as London.