Effortlessly keep your PHP applications secure by selectively permitting and disallowing write-access. With support for WordPress, Drupal, Joomla!, and Magento, keeping your web site secure is as easy as a mouse click.
Fortification evolved as a process to isolate web applications from user data by having two separate users, one for your account data and the other for untrusted web data. Fortification protects your site and tags any file created by your PHP application with a separate user.
Click on Change Fortification.
Click Web App Write Mode to temporarily allow write-access by the web server.
PHP runs as a separate user to keep your files secure in the event of a breach. Competitors lump all web sites under 1 user account, including your sensitive email and SSH keys. In the event of a breach on any web site, a hacker has access to infect other web site files or even steal your SSH keys and sensitive emails.
Limit PHP's write-access to only acceptable, filtered locations on your web site. Fortify implements this policy, whereas Release Fortification allows write-access anywhere on the web site. Web App Write Mode flips between modes with a 10-minute timer – handy for in-place updates.
Fortification only applies to the selected web site, so multiple sites on your account can use different levels of protection.
For miscellaneous PHP applications, select Learning Mode to establish a behavior profile on your site. Learning Mode sets a checkpoint, then checks again after 1 hour to determine what files have changed and what files or folders are necessary for correct site operation. Write-access to all other files is restricted to maximize security.
Learning Mode may only be applied to applications that do not have fortification profiles. WordPress, Drupal, Joomla, and Magento come with fortification profiles.
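The checkpoint-and-compare idea behind Learning Mode can be sketched as follows. This is an added illustration, not the platform's own code: the function names, the use of SHA-256 hashes and the sample site are assumptions, and the 1 hour wait is replaced by simulated file activity.

```python
import hashlib
import os
import tempfile


def checkpoint(root):
    """Map each regular file under root (relative path) to its SHA-256."""
    snap = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                continue  # do not follow links out of the site
            with open(path, "rb") as fh:
                snap[os.path.relpath(path, root)] = hashlib.sha256(fh.read()).hexdigest()
    return snap


def learn_writable(before, after):
    """Derive (writable_dirs, writable_files) from two checkpoints."""
    churn = set(before) ^ set(after)  # files created or deleted
    modified = {p for p in set(before) & set(after) if before[p] != after[p]}
    # Creating or deleting a file needs write access on its directory.
    dirs = {os.path.dirname(p) or "." for p in churn}
    # An in-place rewrite only needs write access on the file itself.
    files = {p for p in modified if (os.path.dirname(p) or ".") not in dirs}
    return sorted(dirs), sorted(files)


def write(root, rel, body):
    os.makedirs(os.path.dirname(os.path.join(root, rel)), exist_ok=True)
    with open(os.path.join(root, rel), "w") as fh:
        fh.write(body)


def demo():
    """Constructed sample site: one upload, one cache rewrite, code untouched."""
    with tempfile.TemporaryDirectory() as root:
        write(root, "index.php", "<?php app();")
        write(root, "cache/page.html", "v1")
        before = checkpoint(root)
        # Simulated activity during the learning window.
        write(root, "uploads/cat.gif", "GIF89a")
        write(root, "cache/page.html", "v2")
        return learn_writable(before, after=checkpoint(root))


if __name__ == "__main__":
    print(demo())
```

Everything not returned by `learn_writable`, such as `index.php` in the sample, stays read-only to the web user.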
Every file upload that passes through the server is scrubbed for known malware against a database of over 3.5 million signatures. Each server routinely stops over 100 viruses per day from entering server space.
Certain known paths for WordPress, Joomla!, Drupal, and Magento are expected to serve only media. We strictly enforce this policy to ensure that /wp-content/uploads only serves cat gifs, not malicious backdoors.
Using a separate user from your content allows you to easily see what files were created or altered in the event of a breach. file_audit is a low-level API command that traces a directory and looks for suspicious files.