Security Policy

Amity Web Solutions takes security seriously which is why we have the following policy in place:

Servers

• We frequently update all our web hosting servers to use the latest software, which would include security and bug patch releases
• Serious security threats would be patched on the servers as soon as possible
• We have an industry leading firewall to protect the servers, in particular:
  • DDoS Attacks
  • Block vulnerable scripts in CMS
  • Monitor suspicious activity (several password failures for example) and block IP addresses
  • Closed all ports except from approved IP addresses
• No public facing control panels
• Secure password policy, at least 8 characters of random uppercase and lowercase letters, numbers and symbols
• Virus and malicious file scanner continuously scanning the server for malicious files with immediate quarantine
• Connection to servers from our approved IP addresses is via Secure Shell Access methods only (SSH). We do not use insecure FTP, but secure SFTP.

Websites

• Secure password policy for logins
• Systems kept up to date where feasible
• Reputable content management systems and plugins that have in-built security protection
• Hard to guess admin URLs
• SSLs as standard
• We have strict guidelines, standards and a go live checklist we follow to build websites to a high standard and to ensure security is met

WordPress in Particular Additionally Has:

• Security and firewall plugins to monitor and protect it from malicious access
  • Includes virus and malicious file scanner continuously scanning the server for malicious files with immediate quarantine
• Automatic and frequent updates to WordPress core, themes and plugins
• Only reputable themes and plugins are used