Threat Detection and Blocking
Our platform dynamically inspects traffic, looking for new kinds of attacks, or patterns of requests from certain locations that indicate nefarious activity, and we block many of those attacks automatically. Our rules evolve constantly. We witness traffic across our entire network of customers, serving over 2 billion hits a day, and those learnings are inherited automatically by all of our customers. We block over 150 million bad requests every month, and we're constantly adding new rules as attackers evolve their tactics.
Web Application Attacks
Our security systems are designed to proactively block numerous web application attacks issues which may arise in WordPress sites. Our platform proactively blocks many of these flaws at both the nginx layer as well as within WordPress itself. We maintain a specific set of configuration files for patching any WordPress security issues as they arise.
Proactive Security Maintenance
Occasionally, our engineers will craft a one-off plugin/patch and may optionally perform a proactive plugin upgrade for affected customers to keep them secure before an official security patch is made official by plugin developers. If WordPress core is patched by us to alleviate security issues, we submit those patches back to the WordPress community for consideration.
WordPress has a strong network of plugin developers who are always creating and iterating on the plugins available to all WordPress users. Poorly-developed plugins and themes are most often the cause of many vulnerabilities, so it is important that our customers use properly coded, regularly updated, reputable themes and plugins. Customers manage which plugins are enabled for their sites and when they are updated, which means we are not in control of which plugins are used. Once we identify a plugin to be vulnerable, we must respond quickly to minimize impact to customer sites who rely on that plugin.
Managed Patching and Updates
When the WordPress Foundation releases a security patch to WordPress, we automatically upgrade our customers' hundreds of thousands of sites as quickly as possible to ensure their websites are not left vulnerable to the attack. We must be thorough, yet efficient, in our testing approach to minimize potential customer impact of the change.
We build a platform that scales
Whether our customers are setting up a personal blog or an intricate and complex multi-site for your brand, the WP Engine platform makes managed WordPress hosting simple, scalable, and secure.
Fast, Reliable Websites
We look for new ways to help the makers to make and the marketers to market. We build reliability into every aspect of our micro-service ecosystem, ensuring continuous delivery.
Protect our customers
With WordPress being 25% of the internet, security attacks are inevitable. We think about security every day, and we block over 150 million malicious events each month.
We build highly available web services that can be rapidly deployed to thousands of servers, affecting hundreds of thousands of customer websites.
Come Work with us
We have been doubling our customers, sites, and servers every year since 2010. We currently have over 40K customers across 126 different countries with over 300K web sites. If you like the challenge of scale coupled with a rapid growth company, WP Engine is a great opportunity.
Move your site to WP Engine
When you host with us, you get all of us. This means access to the best of what we have, 24 hours a day, 7 days a week. From our industry defining software innovation to our legendary customer service, we provide a WordPress hosting experience that is simply unmatched.