It’s crucial that your WordPress website be kept up-to-date and safe from hackers. As part of our managed WordPress hosting, we back-up your site every day and install updates every week. If an update includes a security patch, we update right away. This includes WordPress itself, the theme, and plug-ins. We also lock-down your WordPress website to keep hackers from sending email through your website or doing other malicious things.
Checkout our Managed WordPress Hosting Plans
Managed WordPress Hosting Features:
1. Managed upgrades
It’s extremely important to keep WordPress, the theme, possible framework, and all plug-ins up-to-date. Sometimes an update is released for a plug-in because a vulnerability has been found and patched. If this is the case, you want that patched plug-in. Otherwise, hackers could take advantage of that vulnerability and replace your home page with an unwanted ad or have your website send out their spam.
2. Managed back-ups
Before I install a plug-in, or an update to a plug-in, I back-up your WordPress installation, including its database and all files. Back-ups are important, because if there is a problem while upgrading a plug-in, I can restore your website from the back-up. The database is backed-up every day. WordPress files are backed-up every week.
3. Malware scanning, quarantine, and removal
At least once a month, I will scan your WordPress site for malware. Malware is short for malicious software. Malware is a script or software that gathers sensitive information, interrupts service, distributes spam, etc. When malware is found, it is immediately quarantined and removed.
4. Protection from brute force attacks
A brute force attack is when someone tries relentlessly to log-in to a site. By default, WordPress lets you try and try again to log-in. Brute force attack protection will lock the attacker out after so many attempts.
5. Protection from bots or hackers looking for known vulnerabilities
If a vulnerability is known about a particular version of WordPress, a hacker has some place to start. We hide the WordPress version so the hacker has no idea what version your site is running. In addition, hackers or bots also test websites for common files that have vulnerabilities. If the file doesn’t exist, a 404 error is returned to them. After so many 404 errors, the hacker or bot is locked-out.
6. Protect common WordPress files from hackers
These common and important WordPress files are kept safe from hackers.
7. Block suspicious looking URLs
Suspicious query strings in the URLs are filtered. These are often of sign of someone trying to hack into your site.
8. Block php executions from uploads folder
The ‘uploads’ is for images or pdf files, not php scripts. php scripts are prevented from being uploaded into the ‘uploads’ folder.
9. Block known bad hosts and agents
Known hackers are automatically banned from accessing your website. You also have the option to append to that list.
10. Disable directory browsing
Directory browsing is another way for hackers to see what files you have. This is disabled.
11. XML-RPC made unavailable to hackers
Originally, hackers would try guessing your username and password to gain access to your website. Hackers today are leveraging the xmlrpc method. xmlrpc is turned-off.
12. Up-Time Monitoring
If your website is not up, you might be loosing business. If we see that your website is down, we investigate and do what we can to get it back on-line. If it’s down due for some reason outside of our control (such as you didn’t renew your domain name), we’ll contact you.
The above is just a brief list of everything that’s done in an attempt to keep your WordPress website safe and secure.
We keep our server up to date with the latest software and security patches to ensure that your website is safe, secure, and on a solid foundation.