Security Guarantee

This description explains what the Security Guarantee at Seravo entails and how we act if a security breach is detected on a website. We follow these steps upon detecting or receiving a notification regarding a security issue on a customer’s website, such as malware.

1. Detection and Response
2. Immediate Action and Site Suspension
3. Security Investigation
4. Site Cleanup
5. Reporting
6. Restoring the Site

The Security Guarantee is an integral part of Seravo’s premium hosting for WordPress and is included in every WordPress plan. Seravo’s Security Guarantee does not include liability for damages caused by criminal activities; a separate security insurance policy can be purchased from an insurance company, if desired.

Examples of Security Breaches

Harmful effects resulting from unauthorized access to your site may include:

• Malware on the site
• Hidden spam content
• Site sends spam or phishing messages
• Unauthorized modification or addition of content
• Customer data leaks
• Hijacking payment information

In our experience, the most common reason for attacks and security breaches on WordPress sites is a weak or leaked password. Outdated or unmaintained plugins or themes also pose security risks. At Seravo, all critical security updates are performed by our systems specialists as soon as possible.

Security Incident Scenario

1. Detection and Response

• Detection: A security issue such as malware is detected either by our systems, by our specialists, or based on a customer notification. Seravo scans sites for malware daily. We recommend always notifying us if the you see something on your site that raises concerns about a possible security problem.
• Response: Security investigation response time is our primary metric (SLO). Response time describes the time between making a discovery and taking action, i.e., how quickly our systems specialists react to security breaches. For WP Start, WP Pro, and WP Business hosting plans, the response time is the next business day; for WP Corporate and WP Enterprise plans, the response time is 4 hours.

2. Immediate Action and Site Suspension

Once a security breach is confirmed, Seravo takes immediate action to protect the site and its data:

• The site is closed immediately to prevent damage from spreading: the site’s PHP is shut down, and the site is placed in maintenance mode.
• The site’s current state is backed up (including process lists, logs, and changed files).
• The site’s technical contact person is notified of the problem via email.

In the event of a security breach, the site must be closed because executing malware in our service is strictly prohibited. The longer attackers have access to the site, the more damage can be done. Closing the site aims to minimize the risk of further harm, and so freezing the site’s state is necessary to prevent additional damage. We aim to resolve damages caused by security breaches as soon as possible within business hours.

3. Security Investigation

During the investigation, the problem is mapped, malware is removed from the site, and a report is sent to the customer. If Seravo’s Security Guarantee is valid (read more below), the problem is mapped and the necessary information is collected for the report.

The time spent on the investigation (and subsequent site cleanup) cannot always be accurately estimated in advance, but we communicate the progress of the situation. At the conclusion of the investigation, we contact the customer via email to confirm consent for cleaning the site or performing other measures and to inform them of any potential additional fees for the cleaning work.

The investigation and cleanup can take several days. The schedule for the entire process depends on the method of the breach and the components used on the site. Investigations occur during normal business hours, typically weekdays from 9:00 AM to 5:00 PM (UTC+2).

4. Site Cleanup

After the investigation, any malware is removed from the site. The goal of the cleanup is a malware-free website.

If the Security Guarantee is valid, Seravo cleans up the customer’s WordPress site of malware – free of charge.

If the Security Guarantee is not valid and the security issue occurred for reasons unrelated to Seravo (e.g., weak password, malware was present on the site before migrating to Seravo, acting against Seravo’s instructions), the site is cleaned as a separately billed additional service. Alternatively, the customer must clean up the site themselves.

Validity of Seravo’s Security Guarantee

• Valid: The breach occurs for reasons unrelated to the customer despite all of Seravo’s protections: for example, a security vulnerability in a well-known plugin that the developers have not yet had time to fix.
• Not Valid: The breach occurs for reasons unrelated to Seravo (e.g., weak/leaked password, pre-existing malware in site migration, excessive user permissions, a forced unsafe plugin, or otherwise acting against Seravo’s instructions).

5. Reporting

Upon completion, a report is provided to the customer. It describes what happened, what was found, and what actions were taken, including log entries of the observations.

6. Restoring the Site

Once the security issue is proven to be resolved, the site is restored and can be reopened to visitors. Seravo notifies the customer via email when the site can be accessed again.

Security at Seravo

The Security Guarantee is only one part of how your site’s security is managed in Seravo’s hosting for WordPress. Other features include:

• Web Application Firewall (WAF): Filters harmful traffic before it reaches WordPress.
• Automatic Backups: Daily backups, available for 30 days.
• Offsite Backups: All site data is backed up to a physically separate location for disaster recovery.
• Brute-force Protection: Protection for the wp-login.php page.
• DDoS Protection: Immediate reaction to denial-of-service attacks.
• Critical Updates: Quick updates for plugins and system software.

We also recommend reading our WordPress Security FAQ and learning more about WordPress security in our knowledge base.

Prevent Security Incidents

We encourage customers to follow good security practices to prevent and minimize the effects of a breach on their site.

• Use of strong passwords and password managers
• Two-factor authentication (2FA/MFA)
• Removing unnecessary user accounts
• Principle of least privilege (no shared accounts)
• Regularly reviewing logins
• Using reliable plugins/themes

Customer responsibilities are detailed in more depth in Seravo’s Terms of Service. We are happy to provide advice and guidance on security and how to improve it. If you suspect your site has security-related issues, or if you have any other questions on the subject, please do not hesitate to contact us.