SiteRocket was built with a number of important security features, which are summarized below.
At the heart of the SiteRocket system lies a compact, well organized class of code that authenticates all user actions throughout the entire content management system. Every action that takes place in SiteRocket is checked against this code - whether a user is uploading a file or deleting an entire section of the website. This code is centralized, lightweight and difficult to circumvent.
Whenever a user performs an action that must be validated by SiteRocket, such as editing or publishing a web page, SiteRocket performs two sets of security checks to ensure that the action is valid. First, the user is autheticated to make sure that they are never given the opportunity to perform a restricted task - such as being shown a "Delete" button for content that they are not allowed to delete. Secondly, any request made to SiteRocket (such as when the user actually clicks the "delete" button) is double-checked on the "back-end" (server) to ensure that the request was not made by a malicious user.
SiteRocket's login page can be protected using SSL encryption ("https") if desired. This encrypts user logins, making this information more difficult for malicious users to access.
SiteRocket's RBAC (role-based access control) functionality enables companies to easily configure fine-tuned permissions for groups of users within their organizations. These permissions are flexible and fully extensible in the code - enabling us to let you allow or restrict users from performing tasks that are specific to your organization.
SiteRocket logs all unsuccessful login attempts, and blocks the the account and/or IP address of any user whose number of failed logins pass a pre-determined threshold within a specific period of time.
Block any user from logging into SiteRocket by entering their username and/or IP address.
If you host with us, your website's content is backed up each night in a format where it can be easily recovered. This additional safety precaution is just another way we're here to help.
