These are all things that go into our secure WordPress hosting, that will protect your WordPress website.
Cloudflare is the first level of defense. Cloudflare offers a firewall, DDoS defencse, and WAF (web application firewall)
Then we have a juniper hardware firewall. Hardware firewalls are an important measure to stop large scale attacks on web servers.
The we have software firewall. A little similar to the hardware firewall, but it is programmable.
mod_security is next. It checks each click, and looks for hacking patterns.
Then we look at patterns over time. These patterns, and triggers from mod security are blocked on a software firewall and uploaded to a cloudflare blocklist.
The web server is run on a read-only file system, so no changes can be made, even if we execute a hack it can’t make changes. Mose hacks rely on modifying php files, or uploading php files. Our readonly filesystem makes this impossible. We believe this is unique to our hosting.
Each component, web server, sql server, mod security, are all run in their own security container – so a hack can’t spread.
We have 2 factor authentication to log into wp-admin. We use two levels of passwords to make wp-admin more secure.