Security is a shared responsibility. Frontlane Studio handles infrastructure-level protection, while you manage application-level hygiene. Here’s how both sides work together.
What Frontlane Studio Handles
Web Application Firewall (WAF)
Every request passes through Cloudflare’s WAF before reaching your origin. This blocks:
- SQL injection attempts
- Cross-site scripting (XSS) payloads
- Remote code execution probes
- Known vulnerability exploits (CVE-based rules)
DDoS Protection
Volumetric attacks are absorbed at the edge. Your origin server never sees the malicious traffic. We’ve mitigated attacks exceeding 1 Tbps without any customer impact.
Automatic Updates
WordPress core security patches are applied automatically within 24 hours of release. You can opt in to automatic plugin updates as well.
Daily Backups
Full-site backups run daily and are retained for 30 days. You can restore any backup with one click from the control panel.
What You Should Do
Use Strong Passwords
Enforce strong passwords for all WordPress admin accounts. We recommend using a password manager and enabling two-factor authentication via a plugin like WP 2FA or Wordfence.
Limit Login Attempts
Our platform rate-limits login attempts by default, but you can further restrict access by:
- Whitelisting specific IP addresses for
/wp-admin - Enabling CAPTCHA on the login form
- Changing the default login URL
Keep Plugins Updated
Outdated plugins are the #1 vector for WordPress compromises. Review your plugin list monthly and remove any plugins you’re not actively using.
Audit User Roles
Only grant Administrator access to users who truly need it. Use Editor or Author roles for content contributors. Review the user list quarterly.
Security Incident Response
If you suspect a compromise, contact our support team immediately. We’ll:
- Isolate the affected site
- Scan for malware and backdoors
- Restore from a clean backup if needed
- Patch the vulnerability that was exploited