Mixd Managed Hosting is our managed WordPress hosting service that’s designed specifically for UK public sector organisations. The service hosts high profile websites like the NHS, local authorities and the emergency services. All on an enterprise platform that is optimised for large public sector websites with high volumes of content.
- Automated WordPress updates
- Web Application Firewall (WAF)
- DDoS protection
- Managed TLS certificates
- Encrypted backups
We have been working with Mixd for several years now and are really impressed by Mixd‘s commitment to cyber security.Head of Development – United Lincolnshire Hospitals NHS Trust
We pride ourselves on having an ultra-responsive, friendly team. Benefit from recommendations based on our deep experience supporting other public sector websites.
For emergency support, use our ticket system to reach our team or call and speak directly with an on-call engineer, 24 hours a day, seven days a week.
Service level agreement:
99.99% uptime SLA and the fastest possible responses to your issues. Urgent tickets have a 1-hour SLA and we will reply to general support requests in 24 hours.
Monitoring and alerting:
Our team monitors the platform and your website around the clock and will act on alerts about issues. We will inform you and start investigating if your site is down.
Integrated account team:
A dedicated account manager will provide help and guidance when needed including proactive, predictable support with regular calls and quarterly performance reviews.
We train your team to develop their skills with structured WordPress training based on years of experience training communications teams in public sector organisations.
Rapid patching addresses potential threats to your site. We alert all customers of upcoming WordPress updates and make sure you are on the latest version of the platform.
Our managed Web Application Firewall (WAF) includes WordPress-specific security rulesets. It inspects web traffic for signs of XSS or SQL injections and automatically responds to emerging threats.
Cloudflare’s Global Anycast network absorbs highly distributed attack traffic to keep you online. Origin infrastructure is protected by detecting and dropping attacks at the edge.
Logging and auditing:
We log activity at the application, web server, database and operating system layers. This allows us to analyse and investigate security issues in real-time.
Our platform automates TLS certificates from Cloudflare, ensuring certificates are always valid. Customers may also procure their own certificates from any TLS certificate authority.
A built-in CDN (Content Delivery Network) delivers site content faster to the users, regardless of their location using Cloudflare’s next-generation CDN and Argo Smart Routing’s dynamic traffic routing algorithm.
By default, Mixd Managed Hosting encrypts data at rest and data in transit for all of our customers.
Mixd Managed Hosting leverages data centres in London (United Kingdom) only.
Data centre security:
Our origin data centres meet the ISO/IEC 27001 certification, SOC 1, SOC 2 (Type Ⅱ) and many more.
Backups are taken daily and maintained for 30 days offsite on AWS S3 using AES 256 encryption.
We have specific processes to ensure compliance with GDPR including a data processing addendum.
We maintain business continuity and disaster recovery plans that are regularly reviewed and tested.
Mixd Managed Hosting hosts service data in Google Cloud data centres geographically located in London, United Kingdom which has been certified as ISO, PCI DSS and SOC compliant. Google Cloud infrastructure services include backup power, HVAC systems and fire suppression equipment to help protect your data. Backups are hosted on Amazon Web Services (AWS) S3 data centres in London, United Kingdom which are encrypted in transit and at rest. AWS infrastructure services include backup power, HVAC systems and fire suppression equipment to help protect your data.
All backup data is encrypted while in transit using TLS 1.2. All backups are stored off-site on AWS S3 and encrypted using S3’s built-in AES 256 encryption.
Our customers are welcomed to perform vulnerability or penetration testing on Mixd’s environment. Please contact your account manager to learn about options for scheduling either of these activities.
Mixd and its hosting provider are ISO/IEC 27001 compliant. Copies of relevant information security policies and certifications are available under NDA.
Yes, Mixd Managed Hosting offers a secure environment that protects your website from malicious code. Our cloud supplier (WP Engine) runs vulnerability scans on a biweekly basis.
The security of a site hosted on the Mixd Managed Hosting platform is a shared responsibility between Mixd and our customers. While Mixd is committed to providing a secure infrastructure, customers have the responsibility of user management and overseeing that security best practices are followed by their users.