Security you can trust
Editing live sites demands serious safeguards. Here is how WPPaza protects your work.
Encrypted credentials
SFTP/SSH passwords and private keys are encrypted at rest with AES-256-GCM. Each secret is bound to its record so a stolen blob cannot be replayed elsewhere.
Encryption in transit
All connections to your sites use SFTP/SSH. Traffic to the app is served over HTTPS.
Automatic backups
Before any file is changed, we capture a backup — making every edit reversible.
Tamper-evident audit log
Security-relevant actions are recorded in a hash-chained, append-only audit trail.
Two-factor authentication
Protect your account with TOTP-based 2FA and single-use recovery codes.
Least-privilege access
We only ever read and write within the paths you authorize. Your data is scoped strictly to your account.
Found a security issue? Email [email protected].