WordPress security policy — our responsibility
We use modern tools and extensive technical experience to ensure the safety of the user’s site and data.
01
HTTPS WP-admin Encryption
We’re permanently securing data exchanges between devices and the WP-admin accounts, passwords and editorial contents included.
02
Denial of Service Attacks
In case of denial of service attack attempts, we are taking action to mitigate the risk and identify the source, keeping the site in proper working conditions.
03
Incident Handling
In case of suspicious security incidents, we are investigating responses and we recommend appropriate courses of action.
04
Firewall
We are managing firewall rules to limit access only to publicly intended resources, in legitimate usage patterns.
05
OS Maintenance
We permanently keep physical and virtual machines up-to-date with the latest LTS operating system versions.
06
WP-core Upgrades Policy
We are managing firewall rules to limit access only to publicly intended resources, in legitimate usage patterns. We are performing tested upgrades of WordPress core functions and take full responsibility for the process.
07
Scraping Control
We’re filtering scraping activity that affects performance and service integrity.
08
Resource Monitoring
We’re automatically monitoring traffic and usage patterns that pass over established thresholds and throttle them.
09
Inter and Intra Data Center Security
Our equipment is located in standardized data center facilities with clear contracts concerning data access and security. Physical access is audited as well.
10
WordPress Filtering
We implement strict checks for php execution and limit allowed pass-through parameters based on the WordPress Codex.
11
Staff Access Guaranteed
We assume full responsibility for data access, as our staff includes both support and infrastructure engineers alike.
12
Trails Audit
All dashboard actions performed by your team, as well as our support, are tracked and ready for audit.