If your website has any way in which to pass over information – even a contact form – then it should use an SSL certificate. Sites covered by an SSL have the ‘https://’ URL. HTTPS protects the user by encrypting the information that goes from their device to the website servers. Having an SSL certificate has other advantages, too. It’s used by Google as a signal of the site’s ‘quality’. So by having one, you’ll have an advantage in the search results over websites that don’t. Our SSL certificates are ‘wildcard’, meaning that they cover subdomains too: like blog.yoursite.com, for example.
Our data centers are fully secure and are ISO27001:2013 certified. Their security features include:
• Redundant power supplies so that your site stays online
• Gated access with photo ID and swipe card entry
• 24/7 security, with CCTV inside and out
Our servers are Payment Card Industry (PCI) Compliant. This means that our hosting servers are certified to be safe for online stores taking card payments, and the undergo regular audits. PCI standards are enforced through a group of major credit and debit card companies, like Visa, MasterCard, and American Express.
Having malware on your site can be disastrous. It can compromise your security, leading to fraud or identity theft. It can harm your reputation and performance in the search engines. Your website will be checked for malware daily, with our Malware Scanning service. If any malware is found, we’ll let you know and give you advice on how to remove it. You can also scan on demand, so once you’ve made changes, you can check that it’s been resolved.
As WordPress is so popular, it’s a popular target for criminal hackers. So we offer a WordPress checksum test. This checks the version of core WordPress stored in their repository against the one installed on our servers. We’ll notify you if there are differences between the official core version and yours, which could suggest that malware has been added.
Are you sure that you have the correct permissions on your website files? If you don’t have the right permissions, someone might be able to access or change your data. Our file permissions checker will monitor your permissions and make suggestions on what to change if it spots any potential problems.
Distributed denial of service (DDoS) attacks are usually what has happened when it’s reported that a website has been ‘taken down by hackers’. It involves flooding a server with fake requests, as if millions of new people are visiting the site. This will prevent genuine users from accessing the site. Our DDoS protection will filter out DDoS attacks. It can handle attacks of over 1 terabit per second, so even the largest attacks will be mitigated.
Emails can be a security risk, so we scan incoming emails for viruses and similar malware, blocking them before they reach your inbox. Spam is controlled by being filtered through anti-spam deny lists and content checkers. You’re given full control to allow certain emails from domains that might otherwise go straight in to your junk mail. Emails also have another layer of security through DKIM authentication, protecting you and those you send emails to against impersonation. Our servers have a great reputation, so your mail will never have problems being delivered.
Criminals might try to look for vulnerabilities in your applications: like your database, for example. Our web application firewall will help protect you by scanning for attempts to hack your site. It will look for attacks involving trojans, cross-site scripting, SQL injection, path traversal and other ways to gain access to your files. We use both commercial tools and bespoke rules written by ourselves.