Sucuri | Cliente | WP Beginner

Collected Information

We collect and use personal data only as it might be needed for us or instructed by you to deliver you our world-class products, services, websites applications (collectively, our “Services”). Your personal data includes information such as:

Name
Address
Telephone number
Email address
Other data collected that could directly or indirectly identify you.

We collect information so that we can provide the best possible experience when you utilize our Services. Much of what you likely consider personal data is collected directly from you when you:

(1) create an account or purchase any of our Services (ex: billing information, including name, address, credit card number, government identification);
(2) request assistance from our award-winning customer support team (ex: phone number);
(3) complete contact forms or request newsletters or other information from us (ex: email); or
(4) participate in contests and surveys, apply for a job, or otherwise participate in activities we promote that might require information about you.

Information Usage

We may use the information we collect for certain purposes, including the following:

Maintain and provide our Site, products, and services
Fulfill the purpose for which you provide it
Personalize your experience
Improve our Site, products and services
Develop new products and services
Process transactions
Improve security
Detect and prevent fraud
Protect our and our visitors' safety
Analyze and monitor activity on our Site
Comply with our obligations
Marketing
Exercise our rights
Enforce our contracts

Information Sharing

We may share your information in certain circumstances, including the following:

With Service Providers and Vendors: We may retain other companies and individuals to perform services for us, and we may collaborate with other companies and individuals with respect to particular products or services (collectively, “Providers”). In doing so, we may share information with these Providers and/or these Providers may collect and process your information. Examples of Providers include data analysis firms (e.g. Google Analytics), customer service and support providers, payment processors, and internet service companies. These companies are authorized to use your personal information only as necessary to provide these services to us.

Legal Compliance & Protecting Rights: In certain situations, Sucuri may be required to disclose personally identifiable information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose your personally identifiable information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request. Sucuri may be required to disclose personally identifiable information for compliance with applicable laws. In addition, Sucuri may elect to monitor the areas of communication of any kind (i) to satisfy any law, regulation, or government request; (ii) if such disclosure is necessary or appropriate to operate Sucuri; or (iii) to protect the rights or property of Sucuri or others.

To Members of the Corporate Family: Sucuri may disclose your information to our parent, subsidiaries and other affiliates, and their agents and employees.

Business Transfer: In connection with the potential sale or transfer of Sucuri (in whole or in part), Sucuri reserves the right to sell or transfer your information (including, but not limited to name, address information, and other information you provided to Sucuri) to a third party.

Consent: We may also disclose your personal information to any other third party with your prior consent.

Cookies & Other Tools

Our Site uses cookies to identify you so you don't need to log in each time you visit our Site. The cookies are linked to your customer identifier, which is associated with the information in your account. If you reject cookies, you may still use our Site and applications, but your ability to use some features or areas may be limited.

Within our Site we and our partners, affiliates, and/or analytics or service providers use technologies such as cookies, beacons, tags and scripts to analyze trends, administer the Site, track visitors' movements around the Site and to gather demographic information about our visitor base as a whole. We may receive reports based on the use of these technologies by these companies on an individual or aggregated basis.

As is true of most websites, we gather certain information automatically and store it in log files. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp and/or clickstream data. We use this information gathered about you from our Site to help personalize search results, diagnose problems with our server, and to administer our Site. We also gather broad demographic information from this data to help us improve our Site and make your browsing and purchasing experience more enjoyable. This is not linked to any personally identifiable information, except as necessary to prevent fraud or abuse on our system.

We also use tracking technologies such as: CI codes (click tracking), ISC (source tracking), and ITC (item tracking codes, attached to purchases at an item level, used to determine where within the application a product was added). We report this data back to our Sucuri web services. These results are not shared with any third parties and are used solely for deciding when to retire SDKs/OS versions and to identify characteristics of major visitors so that we may optimize our applications and services for those visitor types.

You can set your browser to notify you when you receive a cookie and you can refuse it; this may, however, reduce functionality of certain Site features.

Geolocation Data

With your express consent, we may access and track location data from your mobile device in order to personalize results or other content. We do not tie any personally identifiable information about you to any of the location tracking technologies that we use.

Targeted Advertisements

Absent any instructions from you, Sucuri may use information you provide to inform you about additional services and products offered by Sucuri’s affiliates, Sucuri venture companies, Sucuri authorized agents, and, where you have consented or where permitted under applicable law, other goods and services providers with whom Sucuri has relationships and whose offerings might be of interest to you. Sucuri and our third party partners may use cookies or similar technologies in order to provide you advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising click here, or if located in the European Union click here. Please note you will continue to receive generic ads.

Supplementation of Information

In order to provide certain services to you, we may on occasion supplement the information you submit to us with information from third party sources (e.g., information from our strategic partners, service providers, or the United States Postal Service). We do this to enhance our ability to serve you, to tailor our products and services to you, and to offer you opportunities to purchase products or services that we believe may be of interest to you.

Security

The security of your personally identifiable information is important to us. We follow generally accepted standards to protect the personally identifiable information submitted to us, both during transmission and once it is received. Even though we take precautions to protect information, no security measures can be 100% secure, and we cannot guarantee the security of your information. If you have any questions about the security of your personally identifiable information, you can contact us at privacy@sucuri.net.

Do Not Track Disclosures

Do Not Track (“DNT”) is a privacy preference that visitors can set in their web browsers. When a visitor turns on DNT, the browser sends a message to websites requesting that they don’t track the visitor. Currently, there is no standardized way to respond to such signals, and we do not respond to such signals at this time. For information about DNT, visit www.allaboutdnt.org

Data Retention

We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes, and enforce our agreements.

Visitor Consent

Information that you disclose in a public space, including on any blog, bulletin board, chat room, or website Sucuri may host for you as part of your Sucuri services, is available to anyone else who visits that space. Sucuri cannot safeguard any information you disclose in these locations.

If you voluntarily offer any feedback, data, answers, questions, comments, suggestions, ideas or the like, Sucuri will treat that portion of the information as non-confidential and nonproprietary and, except as otherwise expressed in this Policy, Sucuri assumes no obligation to protect such information from disclosure. To request removal of your personally identifiable information from our blog or community forum, contact us at privacy@sucuri.net. In some cases, we may not be able to remove your personally identifiable information, in which case we will let you know if we are unable to do so and why.

Third Party Sites

Additionally, the Sucuri Site contains links to sites that belong to third parties unrelated to Sucuri. Sucuri cannot protect any information you may disclose in these sites and recommends that you review the privacy policy statements of those sites you visit.

Transborder Transfer

If you are visiting this Site from a country other than the country in which our servers are located, your communications with us may result in the transfer of information across international boundaries. By visiting this Site and communicating electronically with us, you consent to such transfers.

The E.U-U.S and Swiss-U.S. Privacy Shield Frameworks

Our parent company, Go Daddy Operating Company, LLC (and our related entities, including GoDaddy.com, LLC, Blue Razor Domains, LLC, Starfield Technologies, LLC, Domains by Proxy, LLC, Outright, Inc., Mad Mimi, Inc. and Media Temple, Inc.) participates in and has certified its compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Framework. Go Daddy Operating Company, LLC is committed to subjecting all personal data received from the EU or Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.

Go Daddy Operating Company, LLC is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Go Daddy Operating Company, LLC complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to each Privacy Shield Framework, Go Daddy Operating Company, LLC is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Go Daddy Operating Company, LLC may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request. Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

Access

Upon request, we will provide you with a copy of your account data (EU customers only), or information about whether we hold, or process on behalf of a third party, any of your personally identifiable information. To request this information please contact us at privacy@sucuri.net.

You may also correct or request deletion of your personally identifiable information by contacting us at privacy@sucuri.net or through the Account Center (for instructions, click here.) We will respond to these requests within a reasonable timeframe.

Children

Our Site, products, and services are not directed to children, and we do not knowingly collect personally identifiable information from children under 13. If you believe that a child under the age of 13 has given us personally identifiable information, please contact us at privacy@sucuri.net.

Updates

We may update this Policy to reflect changes to our information practices. If we make any material changes, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

Data Protection Authority

If you are a resident of the European Economic Area (EEA) and believe we maintain your personal data subject to the General Data Protection Regulation (GDPR), you may direct questions or complaints to our lead supervisory authority, the UK's Information Commissioner’s Office, as noted below:

www.ico.org.uk
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow,
Cheshire, SK9 5AF
Phone: 0303 123 1113

Contact Us

If there are any questions regarding this privacy policy, you may contact us:

Media Temple, Inc. d/b/a Sucuri
6060 Center Dr. Suite 500, Los Angeles CA 90045
P: 877.873.0817
E: privacy@sucuri.net

Começando com WordPress

WPBeginner foi fundada por Syed Balkhi como um esforço para educar quem é novo na plataforma WordPress. O site se concentra no "como" e "porquê" de usar o sistema de gerenciamento de conteúdo WordPress. Usado em mais de 25% de todos os sites - em todo o mundo, WordPress tornou-se rapidamente o CMS mais popular do mundo. O apelo de longo alcance do WordPress é resultado da flexibilidade da plataforma e da acessibilidade para os iniciantes. Qualquer um pode encontrar temas gratuitos que vão desde a fotografia até eCommerce, o painel é fácil de usar, assim como a contrução de um melhor SEO.

Esses recursos funcionam em conjunto para proporcionar um elevado valor em consonância com poucas barreiras à entrada para todos: de pequenos empresários a pequenas, médias e grandes empresas. Da mesma forma, WPBeginner deriva seu propósito de ajudar uma ampla gama de pessoas e empresas a ter sucesso online. A organização trabalha para minimizar a confusão do nível de entrada e verdadeiramente capacitar os visitantes a tirar proveito da comunidade de código aberto do WordPress. Ao oferecer dicas, truques, avisos, widgets, plugins, revisões e como fazer, WPBeginner ilumina o caminho para uma presença funcional na web baseada no WordPress. Em 2013, WPBeginner divulgou uma revisão da Sucuri explicando sobre os benefícios do nosso plugin para WordPress. Embora as estatísticas são difíceis de medir, poderíamos facilmente afirmar que o WPBeginner ajudou a lançar e ou salvar milhares de sites e empresas.

Doe um Pouco, Ganhe Muito

Tendo ajudado tantos, não é nenhuma surpresa que o WPBeginner tem crescido até ter o grande alcance que possui hoje. Como um dos sites mais populares online, é fácil compreender porque ele recebe um grande volume de tráfego diário. O site atualmente atende a mais de 300.000 visualizações de páginas diariamente (em média) e um total mensal que excede os 9 milhões. Construir uma infraestrutura capaz de sustentar um site tão popular como WPBeginner não é uma tarefa simples e manter a funcionalidade, a velocidade e a disponibilidade em face a ataques é um conjunto separado de obstáculos.

WPBeginner.com não foi uma exceção à regra. Ao longo do tempo, o tráfego do site começou a apresentar sua própria quota de desafios. Sérios desafios./p>

Começamos a receber um monte de ataques de feed, que são ataques de estilo agressivo assim como os ataques de DDoS, nos quais os bots atingiam nosso feed e utilizavam-no. Nossa primeira reação era bloquear os caches, mas houve momentos em que teríamos milhares e milhares de pessoas com solicitações provenientes de apenas um endereço de IP tentando obter acesso de feed, tentando estourar o cache. Quando fossem capazes de estourar o cache, eles poderiam fazer um ataque de DDoS no site.

Além de sofrer ataques DDoS, havia ainda as tentativas de força bruta. A questão é tão prevalente entre a comunidade WordPress que WPBeginner publicou um blog post sobre as tentativas maliciosas anos atrás. Para você ter uma melhor perspectiva da gravidade do problema, durante um mês (de agosto de 2015 a setembro de 2015) a Sucuri viu mais de 1 bilhão de tentativas de força bruta contra sites WordPress. O aumento da carga do servidor e os ataques consistentes pesavam sobre o site e causou problemas de desempenho que exigiram a atenção de um especialista e uma grande quantidade do valioso tempo de Syed em gestão direta. Quando teve que lidar com este problema, Syed fez o que era recomendado.

Uma Solução Comprovada

O jovem empresário, Syed (que também é o fundador da OptinMoster e da List25) sempre apreciou e compreendeu a importância da segurança de sites. No entanto, há alguns anos, Syed confiou a segurança de seu site pessoal à Sucuri em uma jogada de maximização do seu tempo. A experiência foi muito bem sucedida. Na sequência de vários desafios com seu outro empreendimento, Syed colocou o List25.com no Website Application Firewall (WAF) da Sucuri no início de 2015. Nos primeiros meses após a mudança, ele tomou conhecimento de alguns fatos importantes. O site tinha registrado quase180.000 tentativas de ataques maliciosos bloqueados.

De maio de 2015 a meados de agosto, o top 5 de ocorrências bloqueadas foram: Comentários de Spam, ~70986 (39%); tentativas de DDOS, ~27.907 (15%); Acesso Bad Bot, ~18565 (10%); tentativas de Força Bruta, ~15047 (8%); tentativas de Evasão ~10.575(5,8%). Todas as tentativas foram frustradas com sucesso, mas nenhuma dessas tentativas necessitou da ajuda direta de Syed ou da gestão ou qualquer envolvimento significativo de sua equipa. Esse resultado consistente levou Syed a incluir o WPBeginner.com na sua conta da Sucuri.

Os problema que havia experimentado no passado me motivaram a tomar essa decisão. Depois que eu testei o serviço da Sucuri no List25 e no meu site pessoal, eu somente precisava adicionar sites a minha conta.

Expectativas Altas

Inspirados na experiência anterior, Syed depositou altas expectativas nos serviços de segurança da Sucuri, nomeadamente no Web Application Firewall. Para ser bem sucedido, o firewall precisava mitigar com sucesso ataques potenciais (independentemente do tamanho ou da complexidade) e reduzir a quantidade de tempo que Syed e sua equipe passavam lidando com problemas de segurança do WPBeginner. Em algumas semanas, as estatísticas mostraram que as expectativas tinham sido atendidas e superadas.

Objetivos Vencidos

Nos três primeiros meses, o WPBeginner.com viu mais de 450.000 ataques serem bloqueados. Esse número é mais do que o dobro de ataques que haviam sido bloqueados no List25 nos 3 primeiros meses de uso do firewall.

As 10 maiores tipos de ataques bloqueados:

	Tipo	Tentativas Bloqueadas
1. Exploit bloqueado por virtual patching	84.011
2. Endereços IP na lista negra	72.495
3. Acesso negado para bot malicioso	72.495
4. Local de backdoor negado	29.690
5. Tentativas de DDOS bloqueadas	29.676
6. Acesso de bot falso	29.571
7. Tentativas negadas de evasão	21.887
8. Exploit bloqueado por virtual patching	17.078
9. Pedidos de spam bloqueados	14,857
10. Ferramentas de escaneio bloqueadas	13.842

Embora esse tenha sido definitivamente um resultado positivo, houve ainda um outro fato igualmente intrigante. Um benefício muitas vezes esquecido do WAF da Sucuri tornou-se muito evidente nos meses seguintes após o WPBeginner começar a usar o CloudProxy. Syed afirma claramente:

Nosso tempo de carregamento do servidor diminuiu para o WPBeginner - insanamente! Segurança é uma grande coisa e é a principal razão pela qual usamos a Sucuri, mas a vantagem adicional é a velocidade - porque tudo que passa pelo WAF fica muito mais rápido.

Gerenciar mais de 9 milhões de visitas ao site por mês não é uma tarefa simples. A manutenção da disponibilidade do site, especialmente a nível de popularidade do WPBeginner, exige ponderação em muitas áreas diferentes. Ainda assim, o tempo de carregamento da página e de carregamento geral do servidor pode facilmente tornar-se questões impactantes. Neste caso, o uso do core do servidor do WPBeginner tinha anteriormente atingiu o pico norte de 3 cores e poderia rapidamente tornar-se sobrecarregado no caso de uma tentativa de DDOS ou de Força Bruta. Depois de tirar vantagem do Web Application Firewall da Sucuri, a situação foi remediada.

Agora, com o site na nuvem da Sucuri, existem várias camadas de cache. A camada de cache da Sucuri e depois a camada de armazenamento de cache nossa. Então, quando vem os ataques, primeiro atacam o cache da Sucuri. O carregamento para o MEU servidor, agora, é ABAIXO de 1 core. Antes, era muito elevada de 3 +cores.

Ainda houve um benefício monetário resultante da entrada do WPBeginner no serviço de firewall da Sucuri.

Para mim, a maior vantagem de usar a Sucuri é que eu não tenho que ter um administrador de servidor. Eu não preciso de um quinto admin, porque antes o trabalho do quinto admin era monitorar o servidor e reconhecer e mitigar quaisquer ataques. Eu tinha um quinto admin, em tempo parcial e eu estava pagando $2.500/mês para mantê-lo.

May 25th, 2018

WPBeginner

Começando com WordPress

Doe um Pouco, Ganhe Muito

Uma Solução Comprovada

Expectativas Altas

Objetivos Vencidos

POR QUE SUCURI?

Obtenha Segurança Completa de Sites

Contate-nos

Privacy Policy

May 25th, 2018

Collected Information

Information Usage

Information Sharing

Cookies & Other Tools

Geolocation Data

Targeted Advertisements

Supplementation of Information

Security

Do Not Track Disclosures

Data Retention

Visitor Consent

Third Party Sites

Transborder Transfer

The E.U-U.S and Swiss-U.S. Privacy Shield Frameworks

Access

Children

Updates

Data Protection Authority

Contact Us

WPBeginner

Começando com WordPress

Doe um Pouco, Ganhe Muito

Uma Solução Comprovada

Expectativas Altas

Objetivos Vencidos

POR QUE SUCURI?

Obtenha Segurança Completa de Sites

Contate-nos

Segurança Completa para Sites