8 Things You Must Know about WP Engine’s Security

If you purchase through a link on our site, we may earn a commission. Learn more.

When we were deciding where to host WP Mayor back in 2012, we wanted to find a secure hosting provider that would give us peace of mind. That's when we found and invested in WP Engine's WordPress hosting services
Table of Contents
WP Engine High Performance Hosting
BionicWP Hosting

For a number of years, WP Mayor was hosted on what we consider to be one of the best WordPress hosting solution, WP Engine.

Our Experience with WP Engine’s Security

We made the switch to WP Engine in 2012, and we have noticed a distinct improvement in our site. It became faster, our rankings improved, and we no longer had to worry too much about hosting related stuff, as it was all managed by the fantastic team at WP Engine.

Today I’d like to share some points about another big advantage of hosting with WP Engine, secure WordPress hosting.

This is an often overlooked facet of hosting, but you should know that it is very important and WP Engine take things very seriously in this regard.

WP Engine’s managed WordPress platform includes enterprise-grade security protocol, including 3rd Party scans from Sucuri, a leading Information Security firm.

Any managed IT provider serving enterprise and agency-level sites (just like mom and pop sites and blogs) has an obligation to provide top-tier security that has been verified by a 3rd party.

It’s one thing for WP Engine to build security measures into their platform (which they have), but they’ve also worked closely with Sucuri to ensure the WordPress hosting satisfies the their standards for WordPress security.

Check out the talking points below.

WP Engine’s Security Procedures

  • AppArmor, a Linux Security Module, customized for our hosting setup
  • Suhosin, a two-part process guarding against known PHP vulnerabilities
  • Keeping WordPress core up to date
  • Perform zero-hour updates for WordPress security patches
  • Scanning logs 24/7 for suspicious behavior and blocking accordingly
  • Configure Nginx to block known malicious requests on the front-end before they ever reach the back-end
  • Filesystem roots are segregated
  • Optionally locking down the file system
  • All of this is backed up by Sucuri’s own 3rd party scans and penetration testing to ensure top security for your site(s) at all times

Nothing is 100% hack-proof, but WP Engine believe that your security is too important for them to take lightly, or to not involve 3rd party experts who provide an objective perspective about the quality of the hosting platform’s security.

That’s why WP Engine is the only Managed WordPress vendor offering a Security Guarantee to their customers. If your site is on WP Engine and gets hacked, they will cover the cleanup!

The guarantee means that WP Engine is financially incentivized to make sure you are never hacked, how’s that for peace of mind?

Jean Galea

Jean Galea is an investor, entrepreneur, and blogger. He is the founder of WP Mayor, the plugins WP RSS Aggregator and Spotlight, as well as the Mastermind.fm podcast. His personal blog can be found at jeangalea.com.

Discover more from our , archives ↓

Popular articles ↓

One Response

Share Your Thoughts

Your email address will not be published. Required fields are marked *

Claim Your Free Website Tip 👇

Leave your name, email and website URL below to receive one actionable improvement tip tailored for your website within the next 24 hours.

"They identified areas for improvement that we had not previously considered." - Elliot

By providing your information, you'll also be subscribing to our weekly newsletter packed with exclusive content and insights. You can unsubscribe at any time with just one click.