Keep smiling. Your website is protected in a highly secure, managed WordPress environment.
Security matters. Not only does a secure environment protect you from data loss or embarrassing hacker takeovers, properly secured sites are faster, since bogus traffic and requests aren’t eating up your resources. The WP Engine platform meets the demanding security requirements of even the world’s largest brands. From physical security at the datacenter to protection against sophisticated exploits and customer separation at the kernel level, we provide a highly-secure WordPress experience to every customer.
WP Engine’s security is the best. They’re proactive, and on top of every security vector. We’re 100% confident with WP Engine protecting our client sites from the bad guys.
Managed patching and updates
When kept up-to-date, the WordPress core is extremely secure. To ensure that your site is running the most current version of WordPress, we automatically upgrade your installs whenever minor patches are released. When a major update is released, we thoroughly test it before recommending that our customers upgrade. We’ll even work with you directly to make your upgrade as painless as possible.
Real-time security threat detection
All of our customers, from mom-and-pop bloggers to Fortune 500 companies, benefit from our highly performant, secure technology stack. Shared plans are separated from other customers at the kernel and filesystem level, and Enterprise plans run in dedicated environments not shared with other WP Engine customers. Plus, we run a combination of firewalls to protect you from outside attacks, as well as network analysis monitoring tools to guard against any malicious behavior within the network.
A finely tuned technology stack
Proper server configuration is vital to securing your web environment. Our software stack includes provisions to ensure optimal WordPress performance, including disk write limitations and protection against scripts known to contain vulnerabilities. We also implement PHP tuning to disallow dangerous or insecure commands.
Security audits and code reviews
We conduct periodic code reviews and security audits of all internal environments and processes. We partner with third-party, independent security firms to ensure best practice security measures are always in place. Plus, we conduct frequent, proactive vulnerability scans and perform penetration testing, and we allow our customers to do the same if they choose.
If you still get hacked, we’ll fix it for free
Consultants can charge thousands of dollars for emergency unhacking services. Thankfully, you can keep those dollars in the bank. In the unlikely event that your site is compromised, we’ll fix it at no extra cost to you.
Want to know more? Let’s chat.
If you have more questions about our security practices and environment, email our sales team or give us a call. We’re happy to answer all your questions about how we keep your site updated, safe, and secure.