Security is built into everything we do. Here's how we protect your website.
Security Layers
Infrastructure Security
- Cloudflare WAF: Web Application Firewall blocks malicious traffic
- DDoS Protection: Automatic mitigation of denial-of-service attacks
- SSL/TLS Encryption: All traffic is encrypted
- Bot Protection: Filters out malicious bots
Code Security
- No Database: Static sites have fewer attack vectors
- No Plugins: No vulnerable third-party code to maintain
- Modern Frameworks: Built-in protections against common vulnerabilities
Access Security
- Strong Passwords: Enforced for all accounts
- Limited Access: Only necessary team members have credentials
- Secure Admin: CMS access protected and monitored
Backups
Your site is backed up automatically:
- Daily backups retained for 30 days
- Code stored in version control (Git)
- One-click restore if ever needed
Your Responsibilities
Help us keep your site secure:
- Use strong, unique passwords
- Don't share login credentials
- Report suspicious activity immediately
- Keep your email account secure (it's used for password resets)
Incident Response
If a security issue is detected:
- We'll notify you immediately
- Take immediate action to contain the issue
- Investigate root cause
- Implement fixes and document lessons learned