Website Additional Security Pack
Failed Login Reporting
Hacking Attempt Reporting
IP Address Blocking
Once Off Payment
Terms and Conditions Apply
Emergency Off-Line switch to put your site securely off-line in the case of an attack
Protection of its configuration with a Master Password
Full logging of security exceptions
Web Application Firewall
Auto-ban IPs causing excessive security exceptions (fully customisable)
Send out an email when a security exception occurs
ACL: fine-grained control over which features each user can access
Protect access to your administrator directory with a username and password
Change your Super Administrator ID
Fix the permissions of all files and directories on your server or apply your own configurable, custom permissions down to file and directory level
Automatically rewrite links pointing to your old site’s domain name / directory to point to your new domain name / directory
Automatically convert all links to insecure (HTTP) items to HTTPS when your site is accessed over SSL
One-click purge of your temporary directory
Change your database collation (MySQL only)
Repair and optimise all of your site’s tables (MySQL only)
Purge and optimise the sessions table with a single click (MySQL only)
URL redirection with features beyond even what Joomla! has to offer
Scheduled cleanup of your temporary directory
Scheduled optimization of your sessions table (MySQL only)
Scheduled purge of your sessions table (MySQL only)
Automatic migration of hardcoded URLs in your articles, modules and everywhere when you change your site’s domain name/location
PHP file changes and security scan
.htaccess and NginX Configuration Maker
Disable directory listings
Protect against common file injection attacks
Disable PHP Easter Eggs
Block access to security-sensitive files such as htaccess.txt, configuration.php-dist and php.ini in your site’s root
Block specific user agents
Protection against direct access to PHP file. It can even block access to uploaded hacking scripts, mitigating the attack.
Force index.php parsing before index.html
Optimise expiration time (good for SEO)
Automatically compress static resources such as images, CSS, JS
Redirect index.php to site root
Redirect www to non-www, or non-www to www site, e.g. http://example.com to http://www.example.com
Redirect old domain name to new domain name
Force HTTPS for specific URLs, even when Joomla! doesn’t let you to
Force HSTS header for increased HTTPS security
Customised exceptions, down to the component, view or query string level
Geographic Blocking: prevent access to your site by specific countries or continents
IP black-listing: prevent access to your site by specific IP addresses or blocks of IP addresses
Administrator IP whitelist: only allow access to your site’s administrator section by specific blocks of IP addresses
Administrator secret URL parameter. You can only see the administrator login page if you append ?secretWord to the URL (the secret word is customisable)
Change administrator login URL (e.g. use http://www.example.com/mylogin instead of http://www.example.com/administrator /wp-admin)
Send email on successful or failed administrator login
Customisable email templates and rate throttling for Admin Tools emails
Forbid front-end Super Administrator login to deter brute-force password cracking
SQLiShield protection against SQL injection attacks
Cross Site Scripting block (XSSShield)
Malicious User Agent block (MUAShield)
CSRF/Anti-spam form protection (CSRFShield)
Remote File Inclusion block (RFIShield)
Direct File Inclusion shield (DFIShield)
Uploads scanner (UploadShield)
Anti-spam filtering based on Bad Words list
Hide/customise generator meta tag
Block access to extensions installer
Disable editing backend users’ properties
X-Content-Encoded-By HTTP header content for GZip compression customisation
X-Powered-By HTTP header override
Block tmpl=foo system template switch
Block template=foo site template switch
Integration with Project Honeypot’s HTTP:BL anti-spam / anti-hacker IP blocking directory
Terms and Conditions
Website must be on WordPress or Joomla Platform
Website must be in a healthy condition. To be determined by analysis.
A timestamp video of website will be created before implementation.
Security Pack is not fail proof can fail due to following reasons: Technical issues, Errors, Server Technology Changes, Master Hacking.
Admin access will be needed to do analysis.
Bunnypants is not responsible to maintain the health of the website during contract period, unless SLA is signed for these services.
Client can request a digital backup to send to them for safe keeping at a fee.
Bunnypants is not responsible for malicious act, hacking or user negligence. Client needs to maintain website properly.
If major changes or upgrades are made to website client need to ask for a reanalysis and date stamped video of website to be made for records.
Client can ask for custom quote to backup website weekly, daily or any other extra parameters needed.
Payments are made pro-rata.