24/7 WordPress Security

Protect your business and customers with rock-solid
security protection, hardening, and malware monitoring.

Security Scans & Monitoring

We’ll constantly monitor your website to check for any security vulnerabilities.

Daily Malware Scans

Every day we run full comprehensive security scans of your website files and database, to check for malware, viruses, and malicious code. Your website is synced to a backup on another separate secure server, and the scans are run there, so your live server and site performance is not affected.

Vulnerable Plugin Checks

WPScan Vulnerability Database daily monitoring to check for vulnerable plugins that may be on your site, and remove / update them if needed.

User Activity Logging

We enable and keep track of user actions such as logins, saving content, installing plugins, and and more, to keep an eye on suspicious activity.

SSL Monitoring

We’ll monitor the validity and authenticity of your SSL certificate, if it’s renewal is upcoming. If we detect issues, we’ll look into it ASAP.

Daily Link Monitoring

We check your website every day for links that are directing to broken pages, or potentially harmful content, and fix them for you if needed.

Security Hardening & Protection

We implement a variety of security hardening techniques to protect your business from malware and hacks including:

Local Brute Force Protection

We limit the number of failed login attempts allowed per user with WordPress brute force protection, to lock out people trying to guess your passwords.

Strong Password Enforcement

We’ll enforce all users on your site to have strong passwords. This is one of the best ways to lock down WordPress and protect your user accounts.

Network Brute Force Protection

Connect to a large network of sites that reports and protects against bad actors on the internet, so bots and spam are blocked before it even gets to your site.

Limited File Permissions

We adjust limit the file editing permissions on your site, so that only those who you can trust, are able to edit content and files on your site.

Two-Factor Authentication

We’ll implement two-factor authentication on your site, to greatly increase the security of your WordPress user accounts by requiring additional information.

WordPress Security Tweaks

We’ll apply some advanced settings to your website that improve security by changing default WordPress behavior. These settings can be different for each site.

Website Application Firewall(s)

To help protect your business, we offer a multi-layer firewall solution for incredible rock-solid website security.

Why both? Our Cloud WAF will help with reducing bot traffic, malicious requests and preventing DDoS attacks, whilst the Endpoint WAF adds an extra layer of protection against hacking attempts, brute force logins, etc, if they are somehow able to bypass the cloud WAF.

1. Endpoint WAF

Included with ALL our care plans, is a smart endpoint WordPress firewall, which will automatically block malicious traffic with intelligent visitor pattern detection. This helps protect your website from the bots and hackers.

The firewall also monitors attacks across thousands of sites on a large network, to create a dynamic list of IPs with malicious intent. These IPs are then blocked from sending requests to your site. You can even view traffic and firewall stats in our weekly website reports.

2. Cloud WAF

Available on our Enterprise care plan, and with all managed VPS hosting plans.

We’ll implement an Enterprise-grade DNS level Firewall system, powered by StackPath, to your website for an extra level of incredible security.

Website traffic is constantly analysed to profile behavior, detect inconsistencies, and determine reputation, leveraging advanced intelligence algorithms and expert security analysts. Every attack makes the WAF smarter and even more secure from emerging threats. However, every site is different, so we will personally monitor and customise the best WAF rules on a site-by-site basis.

The Enterprise WAF will protect you against all of the following:

Layer 7 DDoS Attacks

Cross-site Scripting

Automated Traffic (Bots)

SQL Injection Attacks

OWASP Top 10 Threats

WordPress Exploits

Local File Inclusion

And more…

Secure Cloud Backups

We’ll complete incremental cloud backups of your website daily, stored in a secure off-site location (Amazon S3). On our Enterprise plan, we’ll also run real-time backups for your site in which every change detected on your website will be incrementally backed up instantly. Backups are extremely important to protect your website and data, in-case the worst happens. Learn More