Platform and Infrastructure Security

Follow

Security on the Pronto Platform Infrastructure is something that we take seriously. We've taken quite a few steps to ensure that our platform is secure and that our client sites are protected from malware and hackers.

Here is an overview summary of the security features that we have in place:

  1. AWS Virtual Private Cloud Firewall
  2. Automatic IP Blocking with Varnish Throttle and Fail2Ban protecting all root access channels and critical application routes (ie WordPress wp-login.php, xml-rpc.php, etc)
  3. Multiple Reverse Proxies (with re-write capabilities) so App Servers (WordPress) are more isolated.
    • This means that no malformed HTTP requests ever hit our app servers as every request that touches our app server was actually created by our proxies.
  4. Strict restrictions of server and file access via SSH and SFTP to known IP addresses and known PGP keys.
    • Our clients do not receive direct access to our server infrastructure, WordPress only
  5. Up to date patches of source code for core systems (i.e. WordPress).
  6. SSL for all site logins and administration pages.
  7. Force Strong Passwords - we force strong passwords for WordPress login credentials. 
  8. We monitor certain key system files and alert if they've been altered. The next step after most successful intrusions is to change some of these files to further compromise the system. Should anyone get this far we would detect it.
 
On top of this we're also completely backing up our entire platform every 24 hours. So, if we ever do run into a situation where a database has been compromised, we can roll back to a clean version with minimal loss and downtime. 
 
Related Articles:
 
 
 
Have more questions? Submit a request

Comments