Security
Container isolation, firewall rules, and brute-force protection.
Sections
Security
Container Isolation
Each site runs in its own isolated container with a dedicated system user. A compromised site cannot access files, databases, or processes belonging to any other site on the same server.
Server-Level Firewall
All servers are protected by a firewall that blocks common attack vectors and restricts inbound traffic to HTTP, HTTPS, and SFTP only. SSH access is not exposed to the public internet.
Brute-Force & Rate Limiting
wp-login.php is rate-limited at the server level to block credential-stuffing attacks. After repeated failed attempts from an IP, further requests are dropped before reaching WordPress.
Malware Scanning
Sites are scanned periodically for known malware signatures and unexpected file modifications. If a threat is detected, you receive an email alert with the affected file paths so you can investigate and clean up.
Keeping WordPress Secure
Keep core, plugins, and themes updated at all times. Remove unused plugins and themes. Use strong, unique passwords for wp-admin and limit administrator accounts to only those who genuinely need access.
Need more help? Contact Support