Documentation

How secure are the sites in the Dollie Cloud?

Last Updated: June 20, 2024 11:55 AM

At Dollie, security is not just a feature; it's essential. We implement a blend of advanced, proactive measures to secure your WordPress sites, ensuring that your sites are protected against a wide spectrum of threats. Here’s an overview of how we secure your sites:

Comprehensive Security Measures

  • Advanced Firewall Protection: Utilizing the 7G firewall—the best open source firewall solution for NGINX—we robustly defend against vulnerabilities. Learn more about the 7G firewall here.
  • Proactive Traffic Management: All site traffic is managed through our reverse proxy layer, ensuring that only legitimate requests reach your server.
  • Bot Management: We actively block thousands of known malicious bots that attempt to scan, crawl, or execute requests on your sites.
  • Support for Additional Security Layers: Extra layers of security including CloudFlare, Sucuri, and others are fully supported, enhancing your site's defense mechanisms.
  • Automated Security Scans: Continuous automated scans using the WordFence API help detect and mitigate potential security threats in plugins and themes.
  • Hardened NGINX Rules, No Apache: Our platform uses a hardened NGINX configuration, eliminating common vulnerabilities associated with Apache in WordPress environments.

Enhanced Protection Features

  • Isolated Environments: Each client's data and applications are housed in separate, isolated environments, minimizing the risk of cross-contamination and protecting against attacks that would affect an entire server or fleet of sites.
  • Dedicated Resources: Our Dollie Cloud offers dedicated resources for each WordPress site, enhancing performance while significantly reducing security risks associated with shared resource environments.
  • Automated Backups: Regular and automated backup solutions ensure that your data is consistently backed up and easily restorable.
  • SSL Certificates: All sites hosted on our platform include SSL certificates, ensuring that all data transmitted is encrypted and secure.
  • Compliance and Data Sovereignty: We adhere to strict compliance standards and ensure that data residency requirements are met for clients with specific regional needs.
  • Regular Security Audits and Updates: Our infrastructure undergoes regular security audits with prompt application of security patches and updates, maintaining strong defenses against evolving threats.

Staying Vigilant Against Human Error

While confident in our security infrastructure, we recognize that human errors, such as failing to log out from a public computer or logging in via an unsecured Wi-Fi network, can still pose risks.

As a Dollie partner, it's crucial to emphasize the importance of security with your staff and clients. Encourage strong passwords, implement two-factor authentication, and consistently adhere to best security practices.

Prepared for the Unexpected

In the event of a security breach, being prepared is essential. Every site on Dollie is backed up daily, with options to increase backup frequency for high traffic or frequently updated sites. This ensures that a hacked or defaced site can be instantly rolled back without data loss, providing peace of mind (increased backup frequency may affect costs per container).

Your security is our priority. We are committed to providing a safe, reliable, and resilient WordPress hosting environment so you can focus on growing your business without concerns over online threats.