All of our WordPress Hosting Plans come with our WordPress Complete Security Solution. In this article we will discuss the WordPress Complete Security Solution and how our innovative security measures and recovery options benefit you.
What is the WordPress Complete Security Solution?
The WordPress Complete Security Solution is a GlowFrog Hosting exclusive combination of Innovative Security Practices, Integrations and Tools which we have custom tailored and packaged to make available to our WordPress Hosting Customers. The Complete Security Package we offer here is unique and unlike anywhere else. It is available exclusively only to members of the GlowFrog Hosting Family.
Get this and WordPress Hosting for just $2.99/m to start.
Security Implementations at the Server Level
Security at the WordPress Level
Security Implementations at the WordPress Level
Overview: Server Level Security
Proactive Security Rules
Proactive Security Rules help to detect and block hacks before they happen. The Firewall works by filtering incoming and outgoing network traffic based on a set of defined rules. This helps to prevent hackers from accessing the server in a malicious way by preventing Brute Force attempts (automated attacks designed to guess username and password combinations) as well as DDoS attacks.
Real-Time Web Application Monitoring
The Server here is also equipped with real-time web application monitoring, logging, and access control. The Continuous passive security assessment is a variation of real-time monitoring, which focuses on the behavior of the system and functions as an early warning system that can detect traces of many abnormalities and security weaknesses before they are exploited.
Attack Surface Reduction
The proactive Server Security utilizes Attack surface reduction and Web Application hardening in which HTTP features are selectively narrowed down into categories which the security on the server either deems acceptable or not acceptable (e.g., request methods, request headers, content types, etc.) and enforces many similar restrictions such as as cross-site request forgery attempts.
Overview: Website Level Security
WordPress Hardening Measures
Hardening Measures for WordPress are implemented to safeguard and effectively “harden” your WordPress website against potential future attacks. Some Steps we take to Harden WordPress are as follows:
• Configure “Custom login URL” and Disable “wp-login.php”
• Enable Immediately block IP when attempting to log in with a non-existing username
• Disable Dashboard Redirection
• Enable Immediately block IP after any request to wp-login.php
• Stop user enumeration
• Block execution of PHP scripts in the WordPress media folder
• Disable XML-RPC
• Disable PHP error displaying
• Stop user enumeration / Block access to user data via REST API
• Disable REST API
• Allow REST API for logged in users
• Comment form (Protect comment form with bot detection engine)
• Registration form (Protect registration form with bot detection engine)
• Other forms (Protect all forms on the website with bot detection engine)
• Rename WordPress Plugin Folder
Recursive File Permissions are set in order to harden Website Access Points and prevent public access where applicable.
Input sanitation is applied where applicable to accurately filter the content your Website accepts through your contact forms or any other means on your website. Website logging is enabled and detects important information regarding the integrity of the website and files.
WAF (Web Application Firewall)
WP Cerber Firewall and Security Plugin is installed and professionally configured to providing real time protection from incoming malicious activity which you can access via your WordPress Dashboard.
Malware Scanning and Detection
Access to Website Scanning and Malware Removal is available via the WP Cerber WordPress Firewall and Security Plugin and via additional tools within your Hosting Account. The Server automatically scans sites and files periodically to detect the presence of malware. You can initiate a new manual scan from your cPanel control panel. You have the ability to quarantine any infected files found which renders them “invisible” to the file server and isolates them from your WordPress site an other files. Our Experts can help you replace WordPress Core files when needed.
*Optional: SiteLock Security
As an additional courtesy, a Free *Optional Subscription to Site Lock Security is included. Access to additional malware detection and scanning tools is available via your SiteLock control panel which you can access easily from within your Hosting Account.
Overview: Hack Recovery
Hackers are always finding creative new ways to breach even the best security measures. At times even the most state-of-the-art security cannot prevent a hack. This is because the point of origin of hacks are not limited to the Server or the Website. Hacks do not always result due to a server or website security fault. It can be due to malware or spyware on the machine of an unsuspecting user in which the user is unaware of, weak passwords, third party software compromise etc. While it is generally uncommon in a secure environment, albeit unfortunate, hacks can happen. In the event your website becomes compromised you have many options available to you to prevent further file infection as well as to recover your website and files. These recovery options are included within your Complete Website Security Package at no additional charge.
File and Website Restoration
Restoring from a clean backup is a quick way to recover an infected site. You can restore your website or specific files within your website from within your cPanel account or have our Experts restore these files for you from the Backup Center.
Malicious Code Injection Detection
Early detection of Malicious Code injection and alerts help stop attacks when they occur to prevent further compromise and the opportunity to identify an issue, stop the attack and recover more quickly.
Database corruption can be an ugly result of a recent hack or infected files within your website. You can repair corrupted databases and restore your databases from within your account or have our Experts do this for you.
One bad apple doesn’t have to spoil the bunch! Your account is isolated from other accounts on the server to preserve the integrity of your hosting account, files, website(s) and databases.
Infected files can be detected and quarantined to prevent further spread of an infection.
Need Help? Ask our WordPress Security Experts
Helpful Articles & Resources
We are sorry that this post was not useful for you!
Let us improve this post!
Tell us how we can improve this post?