Data breaches exposed 36 billion records1 in the first half of 2020. Make sure your business isn’t next.

1 Source: RiskBased

Secure your website with an endpoint firewall and malware scanner armed with the latest firewall rules, malware signatures and malicious IP addresses it needs to keep your website safe. Enjoy peace of mind from the most comprehensive security option available.

Total Attacks Blocked


Last 30 Days

Malicious IPs Blacklisted


Last 30 Days

$0 cost. 100% peace of mind.

We believe that website security is essential, so we include it free of charge on every website we build. In fact, it’s the very first thing we configure – so you’re protected from day one, even before we write a single line of code.


Web Application Firewall

Every website we build includes a Web Application Firewall (WAF) that identifies and blocks malicious traffic. It runs at the endpoint, enabling deep integration with your website. Unlike cloud alternatives, it does not break encryption, cannot be bypassed and cannot leak data.

An integrated malware scanner blocks requests that include malicious code or content.

The firewall also defends your website against brute force attacks by limiting login attempts, enforcing strong passwords and other login security measures.


Security scanner

The scanner checks core files for malware, bad URLs, backdoors, SEO spam, malicious redirects and code injections. It also compares your files with what is in the repository, checking their integrity and reporting any changes to you. Repair files that have changed by overwriting them with a pristine, original version and easily delete any files that don’t belong. It also checks your site for known security vulnerabilities and abandoned and closed plugins. Content safety checks ensure that your files, posts and comments don’t contain dangerous URLs or suspicious content.

We can also enable real-time firewall rule and malware signature updates, reputation checks, better control over scan timing and frequency as well as the Real-time IP Blacklist, which blocks all requests from the most malicious IPs to reduce server load. Fees apply.

Never forget another password.

See how Dashlane can give you a safer, simpler life online.

Try the password manager that makes the Internet easier by auto-filling your passwords, payments, and personal info.

Claim your 6 months of free premium access now.

Claim offer


128-bit encryption

Saint Rollox provide free SSL certificates for websites we build to ensure your data is always securely transmitted using 128-bit encryption. We also redirect all HTTP traffic to HTTPS and implement HTTP Strict Transport Security (HSTS) to minimise the risk of man-in-the-middle-attacks


Enforced SSH/SFTP Access

Saint Rollox enforce the use of encrypted SFTP and SSH connections when accessing your server directly. FTP access is disallowed.


DDoS Protection

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. Saint Rollox have automated mitigation techniques built-in, giving underlying services protection against common, frequently occurring infrastructure attacks.


Isolated Managed VPS

Saint Rollox use Linux Virtual Private Server (VPS) instances on top of Amazon Web Services (AWS) to provide complete isolation for every website. Dedicated resources mean optimal security for your website and quicker page loads for your users.


Supported PHP versions

Saint Rollox only build websites with supported versions of PHP. Unsupported versions of PHP are dangerous due to the fact they no longer have security updates and are exposed to unpatched security vulnerabilities.

Talk to us about building a website with comprehensive security.