8 Things You Must Know about WP Engine’s Security


As you might have noticed, Bass Media Group is hosted on what we consider to be the best WordPress hosting solution, WP Engine.

We’ve made the switch to WP Engine earlier on in 2015, and we have noticed a distinct improvement in our site. It’s been faster, our rankings have improved, and we no longer have to worry too much about hosting related stuff, as it’s all managed by the fantastic guys at WP Engine.

Today I’d like to share some points about another big advantage of hosting with WP Engine, Security. This is an often overlooked facet of hosting, but you should know that it is very important and WP Engine take things very seriously in this regard.

WP Engine’s managed WordPress platform includes enterprise-grade security protocol, including 3rd Party scans from Sucuri, a leading Information Security firm. Any managed IT provider serving enterprise and agency-level sites (just like mom and pop sites and blogs) has an obligation to provide top-tier security that has been verified by a 3rd party. It’s one thing for WP Engine to build security measures into their platform (which they have), but they’ve also worked closely with Sucuri to ensure the WordPress hosting satisfies the their standards for WordPress security. Learn more about the in-depth aspects of WP Engine’s security procedures, or check out the talking points just below.

WP Engine’s security procedures include:

  • AppArmor, a Linux Security Module, customized for our hosting setup
  • Suhosin, a two-part process guarding against known PHP vulnerabilities
  • Keeping WordPress core up to date
  • Perform zero-hour updates for WordPress security patches
  • Scanning logs 24/7 for suspicious behavior and blocking accordingly
  • Configure Nginx to block known malicious requests on the front-end before they ever reach the back-end
  • Filesystem roots are segregated
  • Optionally locking down the file system
  • All of this is backed up by Sucuri’s own 3rd party scans and penetration testing to ensure top security for your site(s) at all times

Nothing is 100% hack-proof, but WP Engine believe that your security is too important for them to take lightly, or to not involve 3rd party experts who provide an objective perspective about the quality of the hosting platform’s security. That’s why WP Engine is the only Managed WordPress vendor offering a Security Guarantee to their customers. If your site is on WP Engine and gets hacked, they will cover the cleanup!  The guarantee means that WP Engine is financially incentivized to make sure you are never hacked, how’s that for peace of mind?

Jean Galea
Source: wpmayor.com

WP Engine Premium WordPress Hosting

You might also enjoy