Our services

Management, Maintenance and Security

The graphic design, aesthetics and visible benefits of a website to the public are only part of its overall structure. There are complex functions and actions that are set in motion behind each request made on that visible face.

Refreshing content and updating the features that make a site efficient make the site more useful.

Since April 2015, Google gave preference in its indexes to sites optimized to be browsed through mobile devices. This generated changes in the way of structuring the graphic environments and the technologies that support them.

On the other hand, and very important to consider, is that for some time the web has become the scene of a silent struggle. The number of attempts to violate the privacy of the sites continues to increase. This makes keeping security updates a routine that is necessary, regular and sustained over time.
Given these risks and to stop this escalation, a periodic maintenance review of the sites is necessary.

Management and Maintenance Service. It is in development to cover the Paid Services more efficiently, but being a pampaPress client, you receive our Courtesy Services as a base. It is in development to cover the Fee Services more efficiently, but being a pampaPress client, you receive our Courtesy Services as a base.

Security services package

WordFenceLogo_02.jpg

Service Source: Wordfence

Service features

Wordfence is a set of security applications that provides an active block in real time to illegal attempts to access the website.

His presence provides the site with:

  • Web Application Firewall
    The Web Application Firewall prevents you from being hacked by identifying malicious traffic and blocking attackers before they can access your website.
  • Blocking brute force attacks
    It makes it possible to have a view of your site’s live login activity, highlighting every failed login attempt you receive. Wordfence monitors this data and will block any brute force attempts to guess your WordPress username or password.
  • Web Application Firewall
    The Web Application Firewall prevents you from being hacked by identifying malicious traffic and blocking attackers before they can access your website.
  • Malware scanner
    Look for malware, wrong URLs, back doors, and DNS changes. Wordfence scans your site, compares your core files, themes, and plugins to what’s in the WordPress.org repository and informs you of any changes.
  • Real-time monitoring
    Monitors visits and attempts including where in the world they came from, their IP address, time of day, and time spent on your site.

Security monitoring

Service Source: Sucuri
Through MainWP
Explanatory video

Sucuri_logo

Características del Servicio

Verifica la reputación y el estado de seguridad de su sitio web.

Muchos sitios se piratean e infectan mucho antes de que el propietario del sitio sepa que algo ha sucedido. Esto a menudo lleva a listados de programas maliciosos de navegadores populares como Firefox y Chrome que le cuestan clientes potenciales, la reputación de su marca, clientes potenciales y, a su vez, ventas.

La extensión MainWP Sucuri utiliza la herramienta SiteCheck de Sucuri para escanear sus sitios. SiteCheck proporciona análisis de malware basado en la web de sus sitios web utilizando lo último en tecnología de huellas dactilares.

Esto proporciona una forma rápida de determinar si sus aplicaciones web están desactualizadas, explotadas con malware o incluso incluidas en la lista negra de los motores de búsqueda más populares.
Envía recordatorios para escanear sus sitios, y conseva los informes con el resultado de los escaneos.

Escanea por:

  • Malware
  • Javascript maliciosos
  • Iframes maliciosos
  • Descargas Drive-By
  • Detección de anomalías
  • Ataques de Solo – IE
  • Redirecciones sospechosas
  • Blackhat SEO Spam
  • Correo no deseado

Verifica también:

  • Detalles del servidor web
  • Lista de URL escaneadas
  • Lista de Javascripts incluidos
  • Lista de iFrames incluidos
  • Lista de javascripts externos incluidos

Nota importante: Esta acción se realiza manualmente en forma regular por cada sitio (no es automática).

Activity monitor over time

Service Source: Uptime Monitor
Through MainWP

logo_plain.png

Service features

MainWP Advanced Uptime Monitor along with theUptime Robotservice check their sites every 5 minutes, 24 hours a day, 7 days a week.
In case the site isn’t loading, do a few more checks in the next 3 minutes to make sure the site isn’t working. If the site still does not work, you will be notified immediately.

Frequent asqued questions

Complimentaryservices are installed by default on all sites designed and developed by pampaPress.

  • Firewall for protection and automatic blocking of intrusion attempts provided by the inclusion of a free plugin developed by the company Wordfence.
  • Critical updates of plugins, in cases where a security breach has been detected in any of them.
  • Control of the online presence of the site offered through a centralized system. In the event of a service interruption, an alert is generated by email that allows action to be taken in critical cases.
    Important: pampaPress takes no responsibility for cases where failures are caused by customer / administrator interaction with your site.

The fee-based services are part of the pampaPress Maintenance Services, particularly those that require personal attention from pampaPress.

  1. WordPress core update: With each version change, a backup must be made, to restore operation in the event of collisions between the components that complete the site’s functionalities.
  2. Backup:Monthly backup file of the database, plugins and content.
  3. Updating of plugins, both critical and regular.
  4. Control of the online presence of the site offered through this centralized system. In the event of a service interruption, an alert is generated by email that allows action to be taken in critical cases.
    Important: pampaPress will take responsibility for the cases in which the failures are caused by the interaction of the client / administrator with your site, as long as it has contracted the Maintenance Service.
  • A Critical Update results from an alert issued by a responsible service, every time a possible vulnerability is discovered in the WordPress system or any of the plugins in use.
  • WordPress core update. With each version change a backup must be made, to restore operation in the event of collisions between the components of the site.
  • Plugin updates, both critical and regular.
  • The security of the site is provided by the inclusion of a free plugin developed by the Wordfence company. It keeps a Firewall active that prevents intrusion attempts
  • You will find available on this site some Security Notes that describe in detail the modality of the different types of attack as these attempts are detected.
  • On the other hand, security scans are carried out regularly through two free services from the companies Sucuri (manually) and GravityScan (automatically) that checks if the site has leaks or is penalized for spam.
  • As part of this same service, updated reports are received from different sources that allow action to be taken against possible risks.

Security Notes

Fundamentally, a brute force attack is exactly what it sounds like: a means of violating the back doorof a website with relentless successive attempts.

Introduction to brute force attacks

With a brute force attack on WordPress websites, a hacker trying to compromise your website will try to enter your site’s administration area by trial and error, using thousands of username / password combinations. This is generally accomplished with automated software specifically designed to generate and then attempt countless combinations one after another, over and over, in order to find a needle-in-a-haystack combination that will leave you in your admin area. WordPress.
From there, they can wreak havoc on your site based on your wishes.

Brute force attacks are difficult, if not impossible, to carry out manually. Instead, hackers write simple scripts, called bots, that carry out thousands of these robbery attempts against websites on autopilot. Typically, these bots are written by attackers and designed to be easily distributed across many hacked machines. These groups of bots, or botnets, work in conjunction with other commonly accessible tools that generate thousands of passwords or use a word list. The latter is known as a dictionary attack, due to its reliance on ‘dictionaries’ or long lists of words to test as a list of passwords and / or usernames on your website.
These lists can be reused by many hackers over and over again.

Source: Wordfence
See full note(in English)

What hackers do with compromised sites.

Site owners are surprised that their sites can be victims of attackers. Most of them assume that if there is no juicy data to steal, such as credit card numbers, compromising your site is a futile exercise. Unfortunately they are wrong.

In addition to the data, visitors to a compromised site may be exploiting the vulnerability in various malicious ways The web server can be used to run malicious software, host unauthorized content, and harness the reputation of the domain name and IP address for various purposes.