Hiilite takes the security of your site very seriously. To start, we pass all our sites through Cloudflare’s Security Services, which both protects and secures your websites, applications and APIs against the likes of denial-of-service attacks, customer data compromise, and abusive bots.
We do this by:
Mitigating DDoS Attacks
Protect applications, websites, and APIs from malicious traffic targeting network and application layers, to maintain availability and performance, while containing operating costs.
Prevent Customer Data Breach
Prevent attackers from compromising sensitive customer data, such as user credentials, credit card information, and other personally identifiable information.
Block Malicious Bot Abuse
Block abusive bots from damaging Internet properties through content scraping, fraudulent checkout, and account takeover.
Some of the technologies employed are:
DNSSEC is the Internet’s non-spoofable caller ID. It guarantees a web application’s traffic is safely routed to the correct servers so that a site’s visitors are not intercepted by a hidden “man-in-the-middle” attacker.
Web Application Firewall (WAF)
Cloudflare’s enterprise-grade web application firewall (WAF) detects and block common application layer vulnerabilities at the network edge, utilising the OWASP Top 10, application-specific and custom rulesets.
Rate Limiting Rate
Limiting protects critical resources by providing fine-grained control to block or qualify visitors with suspicious request rates.
SSL / TLS
Transport Security Layer (TLS) encryption enables HTTPS connections between visitors and origin server(s), preventing man-in-the-middle attacks, packet sniffing, the display of web browser trust warnings, and more.
Cloudflare is an ICANN accredited registrar, protecting organizations from domain hijacking with high-touch, online and offline verification for any changes to a registrar account.
For Hosting, we run:
Our managed servers come with Auto-Updates & Corero DDoS protection, to help avoid vulnerabilities and increase performance and reliability. Fully compatible with Auto SSL and Free 3rd party SSLs (Comodo, Let’s Encrypt, etc.).
Within your site there is:
Within our websites we deploy Sucuri, the globally recognized authority in all matters related to website security, with specialization in WordPress Security. Some of the features of Sucuri within the website include:
- Security Activity Auditing
- File Integrity Monitoring
- Remote Malware Scanning
- Blacklist Monitoring
- Effective Security Hardening
- Post-Hack Security Actions
- Security Notifications
To make sure hackers can’t plant malicious files into your site, we make sure your site is kept up to date, and apply file locking by:
- Verifying WordPress Version and keeping it up to date
- Verifying PHP Version for security and speed
- Prevent WordPress Version Leaks
- Block PHP Files in Uploads Directory
- Block PHP Files in WP-CONTENT Directory
- Block PHP Files in WP-INCLUDES Directory
- Prevent Information Leakage
- Remove Default Admin Account
- Locking Plugin and Theme Editor
We hope this puts your security questions at ease.
If you have any questions, don’t hesitate to call Hiilite at (888) 303-3444