WebMechanix is a full-service digital marketing agency focused on managing the online presences of over 100 web properties. In 2009, when WebMechanix was founded, managing websites was a bit less stressful. For website administrators, security was not as much of a concern as it is today. All at once, hackers became wise to the lucrative nature of the most popular website platforms on the internet.
Over the next several years, website owners were met with wave after wave of attacks. There were mass server infections against major hosts and a growing number of vulnerabilities in popular extensions for content management systems like WordPress. Fortunately, WebMechanix had the drive to meet this challenge head on.
Website Agencies and Security
Dave Brong is the CTO of WebMechanix. His two decades as a web programmer gave him experience in the fields of web hosting, security, and forensics. Dave understands that most agencies don’t want to be full-service webmasters; they would rather be focusing on the work they love. Maintaining and updating websites for clients means that you are the person they will go to first if their website is hacked.
Business owners see their website as ‘online’ and assume that’s how it’ll always be – at least until the website gets hacked, or until it’s suddenly ‘offline’, or until it’s sending out a million spam emails and getting their email domain blacklisted. It’s only when disaster strikes that they start asking who’s responsible for the website’s health.
Client sites operated by WebMechanix frequently experienced downtime, embedded spam, and malicious redirects. Dave recalls it being so widespread that it was hard to control the chaos.
We had to patch, or restore, and get them online as quickly as possible and move onto the next client. This caused reinfection in some sites since the hackers would modify files and sit on them for months before triggering the real hack.
As more and more vulnerabilities in popular plugins were surfacing, it became clear that WebMechanix needed to step in and do more to protect clients websites. Dave began searching for a way to offer their clients peace of mind, while allowing his team to focus on building the sites and implementing marketing strategies.
Our clients spend thousands of dollars a month with us on their marketing campaigns. So relating security services back to their campaigns was easy — ‘Do you want to risk getting your site hacked, losing all of the hard work we did marketing the site over the past 6 months?’ The answer is a fast ‘No.’
Searching for Solutions
Dave knew he needed to find a reliable security company to help his team handle the growing problem of website attacks and malware infections. Most of the sites were experiencing specific WordPress and Joomla hacks. Dave looked to their respective communities to research a solution he could trust.
I’ve always kept an eye on WordPress-related news, and the name Sucuri kept popping up – everywhere.
Leveraging the Sucuri Firewall (CloudProxy) allowed WebMechanix to offer clients a comprehensive security solution. The cloud WAF introduces a perimeter defense system around each website. This unique protection platform includes virtual patching for security updates and virtual hardening to limit exposure to attacks. The intrusion prevention system provides a unique multi-tiered approach, including whitelist-based application profiling, a signature-based blacklist engine, and machine-learning algorithms to protect all sites across the Sucuri network.
We’re not a specialized team of highly-skilled forensic analysis after all. Enter Sucuri CloudProxy. The CloudProxy system lets us sleep well at night. It combines expert research from the security gurus with mass-pattern recognition.
Protection is not the only Sucuri product that WebMechanix deployed. The Sucuri AntiVirus – which offers robust monitoring, alerting, and unlimited hack cleanups – actually includes the website firewall by default, making it a complete security system for website administrators. Dave also knew he needed a solution that he could quickly activate and monitor across all of his clients’ sites.
What really solidified our decision was the ease of implementation of the Sucuri system. A couple clicks of a button and a DNS change are all that is required.
With the Sucuri AntiVirus in place, the monitoring and protection meant that WebMechanix could finally relax. From now on, if a site was compromised, they simply opened a malware removal request to get immediate help from the globally-distributed team of Sucuri security analysts.
The Sucuri CloudProxy and Antivirus products have proven to be tremendously beneficial for us because we only need to focus on one protection platform. From a management perspective, this greatly simplifies our day-to-day IT tasks relating to fine-tuning, reviewing, and adjusting security settings.
For an IT professional like Dave, the Sucuri Firewall also gives a performance boost and unprecedented insight into the attack landscape. With all the reporting options inside the Sucuri dashboard, the WebMechanix team is essentially informed when it comes to the health and safety of their clients’ websites.
CloudProxy can be a set-it-and-forget it tool, but we don’t use it that way. We constantly review the audit logs and reports to make sure each website is running to its peak performance level.
Most importantly, WebMechanix felt their responsibility as webmasters and passion for marketing were equally satisfied by partnering with Sucuri.
By implementing the Sucuri Firewall, we’re better able to look out for our client’s long term marketing goals. Hundreds of thousands of dollars from marketing campaigns could be wasted overnight if your website gets hacked. It’s not worth the risk.
If you would like to be featured as our next customer case study, click the button above and fill in the form at the bottom of the page.