Dual-User Model

PHP runs as a separate user to keep your files secure in the event of a breach. Competitors lump all web sites under 1 user account, including your sensitive email and SSH keys. In the event of a breach on any web site, a hacker has access to infect other web site files or even steal your SSH keys and sensitive emails.

Fortification Mode

Limit write-access to PHP to only acceptable, filtered locations on your web site. Fortify implements this policy whereas Release Fortification allows write-access anywhere on the web site. Web App Write Mode flips between modes with a 10 minute timer – handy for in-place updates.

Fortification only apply to the selected web site, so multiple sites on your account can use different levels of protection.

Learning Mode

For miscellaneous PHP applications, select Learning Mode to establish a behavior profile on your site. Learning Mode sets a checkpoint, then checks again after 1 hour to determine what files have changed and what files or folders are necessary for correct site operation. All other files are restricted write-access to maximize security.

Learning Mode may only be applied to applications that do not have fortification profiles. WordPress, Drupal, Joomla, and Magento come with fortification profiles.

Malware Scrubbing

Every file upload that passes through the server is scrubbed for known malware against a database of over 3.5 million signatures. Each server routinely stops over 100 viruses per day from entering server space.

URI Filtering

Certain known paths for WordPress, Joomla!, Drupal, and Magento are expected to serve only media. We strictly enforce this policy to ensure that /wp-content/uploads only serves cat gifs, not malicious backdoors.