SiteLyncs
Log in Get a free preview
Features

Website security, handled for you

You did not get into business to fight off hackers. You run a plumbing crew, a clinic, a landscaping company. So here is the short version. Every site we build sits behind Cloudflare, and we tune it for your business. This page explains what that protects you from, and what it would cost you if it did not.

01 "Why would anyone attack my website?"

This is the right question, and the honest answer is reassuring. Attacks are not personal. They are automated. Nobody woke up wanting to ruin your day.

Bots scan the internet constantly. They probe millions of sites every hour, looking for anything they can exploit. Your plumbing website is not a target because someone has it in for you. It is a target because it exists. The machines do not care what you sell.

Here is what those automated attacks actually look like:

  • Contact form spam - bots submit hundreds of fake enquiries straight into your inbox.
  • Content scraping - competitors or automated tools copy your text, photos, and prices.
  • Vulnerability probing - bots poke at your site looking for weaknesses, even on sites with nothing to steal.
  • Defacement - rare, but real. A hacked site can be made to display anything, including content that has nothing to do with you.

02 What a hacked or attacked site actually costs you

The damage is rarely a dramatic break-in. It is slower and quieter than that, and it hits the part of your business that matters most: getting found and getting calls.

  • Google may flag your site as dangerous. Then every visitor sees a red warning screen before they ever reach you.
  • Your inbox fills with junk. Real enquiries get buried under fake ones, and you start missing the messages that pay the bills.
  • Your site goes down. A customer searches for you, clicks, and finds nothing. They call the next name on the list.
  • Recovery takes time and money you do not have. Cleaning up a compromised site is days of work, often paid for at an emergency rate.

03 What is Cloudflare?

Cloudflare is the infrastructure that protects roughly 20% of all internet traffic. Banks, governments, and Fortune 500 companies use it. We configure Cloudflare's security tools specifically for your small business site. You get the same protection, without needing an IT department to manage it.

04 What we configure at each tier

Every plan is protected the moment it goes live. The higher tiers add active defence and hands-on tuning. Here is exactly what you get with Starter, Pro, and Premium.

Starter - Protected by Default

The essentials, on from day one

  • HTTPS enforced - the padlock in the address bar, so visitors know they are on the real you and their connection is encrypted.
  • DDoS protection - Cloudflare absorbs traffic floods (a flood is thousands of fake visits sent at once to knock you offline) before they ever reach your site.
  • Bot blocking - known bad bots are turned away at the door.
  • Security headers - browser-level instructions that prevent clickjacking, where someone embeds your site inside theirs to trick your visitors.
  • Email obfuscation - your email address is hidden from the scrapers that harvest inboxes for spam lists.
Pro - Actively Defended

Everything in Starter, plus a configured firewall

Pro adds a configured Web Application Firewall, or WAF. Think of the WAF as a bouncer at the door. It checks every visitor against a set of rules before letting them in.

  • Contact-form rate limiting - caps how often the same source can hit your form, so spam bots get cut off fast.
  • Attack-pattern blocking - blocks known attack tricks like SQL injection (an attempt to sneak commands into your site through a form field).
  • Scanner blocking - the automated tools that probe for weaknesses get stopped before they finish looking.
  • Suspicious-traffic challenges - visitors that look like bots get a quick CAPTCHA (the "prove you're human" check) instead of free entry.
Premium - Enterprise-Grade, Tuned to Your Site

Everything in Pro, reviewed and tuned for you

  • Per-client WAF configuration - we review your specific site and tune the firewall around how it actually works.
  • Full endpoint rate limiting - the caps cover every URL on your site, not just the contact form.
  • Page Shield - monitors for injected third-party scripts (rogue code that sneaks in through an outside service) and alerts on anything new.
  • Monthly security report - a plain-English summary in your portal showing what was blocked and what it means.
  • Incident notification - if attack volume spikes against your site, you hear from us directly.

05 The bottom line

You focus on running your business. We handle the security. If something goes wrong, you'll hear from us before your customers do.

Security is one piece of how we keep your site working. It pairs with a fast-loading site and strong SEO and AEO so people can actually find and trust you. See what we build or browse the gallery.

See our plans