Elastic Platform

Secure PHP with 1-Click

Effortlessly keep your PHP applications secure by selectively permitting and disallowing write-access. With support for WordPress, Drupal, Joomla!, and Magento keeping your web site secure is as easy as a mouse click.

Security Made Easy

Step One

Look important, then click on Change Fortification.

 
 
 

Step Two

Click Web App Write Mode to temporarily allow write-access by the web server.

Dual-User Model

PHP runs as a separate user to keep your files secure in the event of a breach. Competitors lump all web sites under 1 user account, including your sensitive email and SSH keys. In the event of a breach on any web site, a hacker has access to infect other web site files or even steal your SSH keys and sensitive emails.

Fortification Mode

Limit write-access to PHP to only acceptable, filtered locations on your web site. Fortify implements this policy whereas Release Fortification allows write-access anywhere on the web site. Web App Write Mode flips between modes with a 10 minute timer – handy for in-place updates.

Fortification only apply to the selected web site, so multiple sites on your account can use different levels of protection.

Learning Mode

For miscellaneous PHP applications, select Learning Mode to establish a behavior profile on your site. Learning Mode sets a checkpoint, then checks again after 1 hour to determine what files have changed and what files or folders are necessary for correct site operation. All other files are restricted write-access to maximize security.

Learning Mode may only be applied to applications that do not have fortification profiles. WordPress, Drupal, Joomla, and Magento come with fortification profiles.

Malware Scrubbing

Every file upload that passes through the server is scrubbed for known malware against a database of over 3.5 million signatures. Each server routinely stops over 100 viruses per day from entering server space.

URI Filtering

Certain known paths for WordPress, Joomla!, Drupal, and Magento are expected to serve only media. We strictly enforce this policy to ensure that /wp-content/uploads only serves cat gifs, not malicious backdoors.