The security and reliability of our service is our number one priority. We only host WordPress and WordPress Multisite, and are fine-tuned to support it.
We handle all WordPress, plugin, and theme security updates. We scan all sites daily for any known vulnerabilities.
Please find our detailed technical and security guide below, and reach out to us with any questions that you may have.
CampusPress manages sites either in Amazon AWS auto-scale clusters or flexible Virtual Private Servers on Digital Ocean. We can help you decide which environment will best meet your needs, and we handle all the setup and configuration behind the scenes. In general, larger Multisite networks are best fit for AWS and custom individual sites are best on Digital Ocean.
On AWS, sites are hosted on a cluster of multiple web and database servers for built-in replication, load balancing, and redundancy. Nightly database backups are encrypted and then stored with Amazon S3.
On Digital Ocean, each site gets its own dedicated CPU and memory resources and makes use of incremental backups (for faster restores), staging environments, and optional SFTP and SSH developer access.
In order to comply with local legal and privacy requirements, each customer can choose to be fully hosted in one of the following countries:
- Australia (AWS & DigitalOcean)
- Canada (AWS & DigitalOcean)
- Germany (AWS & DigitalOcean)
- India (DigitalOcean)
- Japan (DigitalOcean)
- Netherlands (DigitalOcean)
- Singapore (DigitalOcean)
- UK (AWS & DigitalOcean)
- USA (AWS & DigitalOcean)
All customer data in the WordPress instance(s) will not leave the country in which it is hosted.
CampusPress staff remotely manage and maintain the servers and applications in these datacenters.
CampusPress, and our customers, are able to leverage certifications and security assurances provided by these partners as it relates to physical security. More on compliance and certifications of each can be found at aws.amazon.com/compliance and digitalocean.com/trust/certification-reports.
All data centers include the highest levels of 24/7/365 on-site security, regulated climate control, redundant power, automated off-site backups, and industry-leading network infrastructure.
Sites hosted on AWS make use of many AWS services including EC2 for web servers, Elastic Load Balancing, Relational Database Service for database servers, and automated scaling when needed.
We use Docker containers with Ansible to isolate each WordPress install from each other, while still allowing each site to benefit from the scalability that comes with our infrastructure. Customers that have the need can be served in fully dedicated private cloud clusters for an additional cost.
Sites hosted on DigitalOcean each are on their own dedicated virtual server with dedicated IPs, memory, CPUs, and hard disk space. The size of the server depends on the purpose and traffic needs of the site, though we always size up to ensure it can handle peaks in any traffic (in addition to both server and application side cacheing).
File Scanning and Storage
All images, documents, and other user files are uploaded securely to Amazon S3 to help optimize the performance of server resources. This includes files and uploads from sites hosted on Digital Ocean VPS.
All user file uploads are scanned using ClamAV for possible virus or malicious files, and any suspicious files are automatically quarantined.
Content Delivery Network (CDN)
All images and files are served via a CDN. Currently, this includes 100+ PoPs of Global BunnyCDN network.
WAF, DDOS Protection, and Firewalls
We utilize a variety of tools and services to monitor and protect the traffic and applications we serve. This includes network firewalls with automated blocking of malicious IPs, ModSecurity WAF, and DDoS mitigation, and AWS Shield.
Cache and Traffic Spikes
All text content on the public side is cached automatically so that no matter how many visitors your site gets, speeds stay fast. We handle billions of page views each year, and are confident we can handle the largest of any sudden traffic spikes.
We have no known security breach in our history.
Should any security-related event occur, our policy is to alert our customers via email no later than 24 hours of our team becoming aware of the event. We will work closely with any customers affected to determine next steps such as end-user notifications, needed patches, and how to avoid any similar event in the future.
SSL & HTTPS (Data In Motion)
Customers can provide their own SSL certificates or we can obtain free certificates via Let’s Encrypt.
Data is encrypted in motion as we require HTTPS for all logged-in traffic and recommend forcing for logged out as well.
Data Storage and Encryption (Data At Rest)
The WordPress database and all backups are encrypted at rest. In addition, sensitive data such as any local user passwords are salted and hashed in the database via standard WordPress practice.
Single Sign-On and Authentication
We encourage the use of single sign-on services to manage all WordPress user accounts and authentication. Supported integrations include Active Directory, LDAP, Shibboleth, CAS, SAML, ADFS, and Google G Suite. We also encourage and support multi-factor authentication capabilities via these integrations.
Other Security Practices
Our dedicated security staff performs daily checks of industry security blogs, websites, and newsletters to keep on top of any potential vulnerabilities that pertain to the systems we use or employ.
We use ClamAV for all servers and TrendMicro and Norton for our desktops with regular updates as needed. We use WPScan for WordPress code and database monitoring.
Disaster Recovery & Backups
Networks on AWS are hosted on a cluster of multiple web and database servers for built-in replication, load balancing, and redundancy.
Sites on DigitalOcean are able to be migrated or restored in new virtual server instances within minutes.
Both AWS and Digital Ocean hosted sites and Multisite networks have automated nightly database backups in place which are encrypted and then stored with Amazon S3. Backups are kept for at least 7 days and no more than 30 days. The backup system is manually tested on a bi-weekly basis.
Restore times depend on the size of the WordPress site or network and the cause of the disaster, but full backup recovery should take no more than 24 hours.
Every CampusPress employee goes through background and reference checks, as well as an on-boarding process that includes a trial period where access to customer servers and data is provided only when working directly under the supervision of another staff member.
CampusPress staff only have access to systems that are directly required to complete the functions of their job. We enforce the use of multi-factor authentication for all critical systems and communications services, and automatically log all staff activity using an internal logging tool and Amazon Cloud Trail.
All CampusPress staff (including any contractors) undergo initial training to ensure proper understanding of all security related processes. Staff regularly attend industry conferences and otherwise stay informed of best practices and relevant trends. Staff agree, in writing, to all policies and procedures annually.
In short, we are a fully distributed team in 12+ countries and always have backup coverage for all roles in different regions around the world. This allows us to withstand any natural disaster or other events.
We only host WordPress (an open source web CMS). Customers can contribute their own WordPress plugins/themes which results in a shared responsibility of the codebase and security practices. More details on WordPress security can be found here: https://wordpress.org/about/security.
Any WordPress core, plugin, or theme security patches will be applied within 24 hours of release.
All plugins and themes that we develop or add to our curated/approved list are peer reviewed and then scanned by RIPSTech to ensure best security practices are followed.
All sites that we host are scanned nightly by WPScan Vulnerability Scanner for any known security vulnerability in WordPress core, plugins, and themes. If any issues are found in one of our plugins or themes, our team will mitigate or patch them within 24 hours. If the plugin or theme is custom or uploaded by the customer, we will notify the customer within 24 hours and collaborate on the best course of action.
In order to ensure the reliability of our service, we’ve implemented a change management policy that we follow for all updates, upgrades, and code changes.
We perform all WordPress core, plugin and theme updates, general improvements, and server maintenance during a regularly scheduled weekly window. All changes are thoroughly tested by our developers and quality assurance team as follows:
- Tested fully in a local testing environment by the technical team.
- Automated and unit testing in multiple development environments.
- Manual testing by the QA team in multiple development environments using all major browsers and operating systems, including mobile devices.
- Full deployment to a small subset of live networks and all development/test networks that willingly participate in our beta testing program.
- Final manual code and performance review by technical team leadership.
- Full deployment to all customers during the next regular ‘Primary Updates’ window (Tuesdays) and an update published to our changelog alerting customers.
- Continuous monitoring by technical and support teams.
For any significant changes that end users may notice, we’ll provide documentation and warning to Super Administrators well in advance.
Code Audits and Guidelines
We have automatic and manual code reviews in place for all plugins and themes that are added to any site we host. All plugins and themes must adhere to the WordPress Coding Standards as well as a list of guidelines that we provide in our documentation section.
Bitbucket & Version Control
We use Bitbucket for version control. Customers that have custom themes should initiate a pull request to alert our team of developers to initiate a code review.
Depending on the queue and complexity of the theme (or edit), a review can take up to 24 hours (or more for complex themes).
We can set you up with a testing environment where you can upload themes or test major changes before moving to production.
For individual sites, our clone tool can be used to create a clone of an existing site that can be used to test a new theme or add new content without affecting your live site.
Service Level Agreements
Reliability and Uptime SLA
We guarantee a 99.9% availability of service. For any month where greater than or equal to 99.9% availability is not obtained, at the customer’s request, a 5% credit of the total annual contract price will be applied to the account. This credit will be applied for the following contract renewal.
Credit will not be applied if the reason for less than 99.9% availability is:
- a result of scheduled outages notified to the Client at a time agreed upon and completed outside of the Client’s normal business hours.
- due to Client authored code, user-generated content, or changes to the Service by parties other than the Host.
- data center interruptions related to acts of God, natural disasters, or outside the control of the Host or the host’s hosting partner(s).
- outages or errors created by 3rd party service providers contracted by the Client (not contracted by the Host), such as Single Sign On providers and similar.
We maintain a list of Level 1 outages that affect a significant number of customers at status.campuspress.com.
All support is handled via email at email@example.com. Some customers on higher plans may also choose to setup shared slack channels for more real-time communication to aid in support.
End-user email support (ie. faculty, staff, student) is not normally provided directly and must be explicitly included in the package or license purchased. The customer is encouraged to forward support requests from end-users should additional help be needed to resolve the issue.
Our support staff will triage all incoming support requests 24/7 according to the following levels:
Level 1 – Critical
Complete inability to access or use the platform, both the frontend and the backend of the entire network.
Level 2 – High
The frontend is available, but the backend is such that updates to sites can’t be made on the entire network. Or, one or more sites are completely unavailable, but not the entire network.
Level 3 – Medium
Partial or limited loss of non-essential functionality affecting all users. An example would be media files not being able to be uploaded by users.
Level 4 – Low
An inconvenience that does not impact general performance. An example would be one plugin or theme not working correctly, but otherwise, the site is up and running without errors.
While we will work to reply to all support requests, at all levels, as quickly and completely as possible, the following SLA guarantees are in place:
Level 1 – 1st reply within 30 minutes with updates every 30 minutes until resolution.
Level 2 – 1st reply within 1 hour with updates every 1 hour until resolution.
Level 3 – 1st reply within 4 hours with updates each day until resolution.
Level 4 – 1st reply within 24 hours with updates every 48 hours until resolution.
For any calendar month where these guarantees are not met 2 (two) or more times, at the customer’s request, CampusPress agrees to apply a 5% credit to the account to be applied towards the following renewal.