The importance of Cyber Security in the Web structure
The Anagni Cooperative Credit Bank is one of the most important local credit institutions operating in Ciociaria. With over 14 branches and 976 members, in 2019 BancAnagni became part of the Cassa Centrale - Credito Cooperativo Italiano Group which is based on an original development model that promotes the well-being of members and territories, contributing to the common good and creating a well-being for the next generations, within a sustainable path.
Our client’s need was to analyze the current platform with the related criticalities from the cyber security point of view and to provide solutions to preserve the security of the bank's online portal over time.
A targeted strategy
To implement a strategy compatible with the needs of the company, a series of analytical briefing sessions were initiated. The aim was to identify the key elements that made the entire web structure based on the Wordpress CMS secure, and increase the overall performance of the system itself.
After drafting a technical document about the problems of the application and the host server, we have planned three macro actions: updating the server infrastructure and the application, the implementation of security best practices and finally an advanced cache system.
Server and application infrastructure update
Following the analysis sessions carried out with our partner Seeweb, the multiple upgrade interventions of the cloud server infrastructure have begun thanks to an effective DR (Disaster Recovery) and BC (Business Continuity) plan. We intervened on the application by filling the various criticalities, related to its poor maintenance over the years.
Implementation of security best practices
We have implemented all the best practices to increase the security of Wordpress. We have installed a software-side firewall with access control and origin traffic. The control also extends to all physical files on the site, analyzing any malware content and thus blocking hacking attempts on them. These operations have prevented potentially usable actions for bruteforce on the application.
Cache system implementation
We optimized the application performance, minimizing the load on the server by significantly increasing the speed in using the application contents. We have enabled a cache system on static content, on the database and on the object cache of WP with the help of the Redis system.
Thanks to the actions carried out to complete the safety goal, we have achieved the following results: