Spotlight – How Cart66 Maintains Security for Ecommerce

Cart66 offers a comprehensive plugin solution for WordPress shop owners. With a unique suite of services, intuitive features, and essential security components, Cart66 provides everything you need to operate a PCI compliant online store.

PCI compliance is one of the most important considerations for any ecommerce site. Cart66 connects your WordPress website to a hosted payment page that works with over 100 payment gateways. On top of this, they also import your WordPress theme to seamlessly integrate your checkout page with the rest of your site.

Security in Mind

Lee Blue founded Cart66 back in 2008 when ecommerce plugins were scarce and geared toward larger stores. Cart66 made it simple for anyone selling products on WordPress to integrate a secure ecommerce solution. Their payment pages aren’t the only secure feature. Cart66 also offers a verified Business Class SMTP server and secure hosting for digital downloads via the Amazon CDN:

Our goal is to lower the barriers to entry for people looking to start an online business. It can be a huge hassle to try to put together all of the pieces that make up the WordPress ecommerce puzzle.

In addition to focusing on security for their own product, Cart66 had to protect their own WordPress site from bots and hackers:

At one point we were getting so much traffic from bots it was almost crashing our WordPress server. The other issue is we wanted to improve our sites speed with a CDN. While having these needs, we were also doing some custom stuff on our site involving account activation with some custom PHP code running outside of WordPress.

Lee had previously been using CloudFlare but soon discovered Sucuri offered features specific to protecting WordPress sites. One of the hosts they use for custom WordPress development deployed a managed WordPress hosting platform called Bulletproof WordPress Hosting. The owner set up Lee with a test account and part of the package included the Sucuri Firewall. The improved security and performance of the website sealed the deal.

I intend to use Sucuri with every serious WordPress site we deploy from now on. The ability to lock down the WordPress admin is awesome. Not only that but I can actually see bad guys getting blocked which is very satisfying.

Proof and Performance

After implementing the Sucuri Firewall across their WordPress sites, Lee was able to dig into the reports and configuration settings. Not only did Cart66 experience the benefits of a faster website, but they could see the number of attacks clearly using the Sucuri dashboard.

The content delivery network is great. You can easily clear the cache, temporarily disable cache if you are working on something, and even stop caching for certain URLs. SSL support is great. I haven’t run into anything I want to do but couldn’t. Sucuri has all the tools you need right there.

The main job of the firewall is to protect your website against bots and hacking attempts, but it also records these logs for people who like to see how their traffic is affected by malicious users. The dashboard offers several visual charts and graphs to better understand the number and type of attacks being thwarted. While the firewall can be a set-it-and-forget-it solution, Lee prefers to take advantage of the options available for power users, and logs in regularly to check on the current status of his protected sites.

Comprehensive Security

When it comes to security, Cart66 understands better than most how important it is to secure your online presence. This is especially true for ecommerce websites. Not only do online stores have to manage the risk of losing sales to hackers, but they also need to take steps to protect against a PCI compliance breach involving customers’ Personally Identifiable Information (PII).

WordPress websites also get a lot of attention from hackers due to its popularity. Over 25% of all websites run WordPress, making it a huge target. The Sucuri Firewall responds to this by offering several features that address the most popular security issues affecting WordPress, including an IP-protected login page, XML-RPC attack blocking, and Layer 7 DDoS protection.

The bottom line, for me, is that Sucuri changes the game and brings WordPress hosting back into the hands of individuals so you don’t have to rely entirely on the fancy managed WordPress hosting companies.

For more information on how we provide website protection and performance, visit our website and chat with our Customer Happiness team today.

Read the Full Cart66 Case Study!

If you would like to be featured as our next customer case study, click the button above and fill in the form at the bottom of the page.


1 comment

Comments are closed.

You May Also Like