Website Security Monitoring & Incident Response Protocol

Website Security Monitoring & Incident Response Protocol

Data Access or Breach Detection
If any attempt is made to access our websites we are notified straight away, all login attempts are sent to our team

  • We log these activities, including IP address, timestamp, file paths, and affected endpoints.

  • Server security team monitors server-level access logs, so if any database export or unauthorised data download occurs, it’s recorded and visible to their internal incident response team.

  • In the event that a confirmed data breach occurs, our server provides any incident information to us.

Additionally:

  • We have access to detailed audit and access logs that can be reviewed to determine if data was viewed, exported, or modified.

  • Data from contact forms is not stored permanently and is periodically purged, reducing the risk of any significant data exposure.

Manual Review & Verification
Upon receiving a security alert, Media Island will:

  1. Review Security monitory logs and Server logs to determine the severity and nature of the event.

  2. fWe see the time stampt in when this occured and we automatically role the site back before the incident (downtime will be very minimal). Our sites are backed up every 2-4 hours for this reason. So minimal data or website content changes is lost.

  3. Identify whether any unauthorized access actually occurred. Sometimes this is just a redirect into the site headeer code

  4. Quarantine or disable compromised files or plugins.

  5. Block the source and implement additional IP-level restrictions if needed.

Containment & Recovery
If any files are compromised or defaced:

  • We perform an instant rollback using servers backup system (which runs every two hours).

  • The site can be restored to a clean, verified version within minutes.

  • A full scan is then re-run through Wordfence to confirm no remaining malicious code.

Post-Incident Procedures
After any confirmed incident:

  • All passwords, API keys, and access credentials are reset.

  • An updated plugin/theme audit is conducted to patch any vulnerabilities. (we find the source of the issue)

  • A written summary, and incident report (with future prevention measures and responsibility action plan) is provided outlining the cause, response, and preventive actions, and reason for the occurence for prevention

If a data breach involving personal information is confirmed, Media Island would immediately:

  • Notify the client (and our servers compliance team).

Ongoing Protection

  • All plugin, theme, and WordPress core updates are maintained regularly.

  • Wordfence live monitoring and server security firewall run 24/7.

  • Cached data and stored form entries are purged routinely.

  • We maintain continuous oversight of the site’s login and file-change logs.

Skip to content