Security Principles
- Defense in depth: layered controls across network, platform, and account levels.
- Least privilege: access is restricted to authorized personnel with operational need.
- Continuous monitoring: systems are monitored for unusual events and abuse patterns.
Infrastructure & Network Protection
- Hardened hosting environments and controlled administrative access.
- DDoS-aware network controls and traffic monitoring.
- Physical safeguards at data center facilities, including access controls and environmental protections.
- Operational redundancy practices designed to support high availability.
Data Protection
- Encryption in transit (TLS/SSL) for website and client-area access.
- Use of trusted payment processors; full payment card numbers are not stored in our systems.
- Administrative access and activity is limited and audited operationally.
Account Security
- Two-factor authentication (2FA) support for customer accounts.
- Password-based login security controls and account recovery safeguards.
- Recommendations for customers to use strong passwords and maintain current contact information.
Abuse, Vulnerability Reporting & Incident Response
If you identify spam, phishing, malware, or suspicious behavior on our network, report it through Report Abuse. For account-specific concerns, contact support immediately.
We triage incidents by severity, investigate root cause, and communicate updates through support and status channels where appropriate.
Shared Responsibility
Security is a partnership. We secure the platform and core infrastructure; customers remain responsible for application-level hardening, credential hygiene, plugin/theme updates, and secure code deployment.
Related Resources