Skip to content

How we Secure your WordPress Servers

At WPJack we take security very serious and every new server or site comes with a hardened security by default.

Every site is isolated in its own environment, every site has a dedicated database connection, firewall is installed, for more details read bellow.

Isolation of WordPress sites

Each WordPress site comes with its own Linux user, server folder, dedicated database, dedicated database connection and dedicated PHP workers.

This isolation prevents hoping between different sites.

You still need to take care of what plugins you're installing, are they credible. And about password policy, always use complex passwords which could not be guessed using dictionary or enumeration.

Default firewall on the server

WPJack servers are coming with already installed ufw firewall.

All ports are blocked by default except:

  • 80 - HTTP
  • 443 - HTTPS
  • 22 - SSH

Usage of RSA 4096 encryption

WPJack is using RSA public key encryption to communicate with your servers. The same encryption as when you try to use SSH keys generated from WPJack.

Plain passwords are disabled on a server level. That way any brute-force attacks are in vain since there is no way to guess 4096 encryption key, at least not in this life.