Penetration Testing

WordPress VIP customers can run penetration tests and security assessments / scans against their own applications and environments hosted on the WordPress VIP Platform.

Prior to running any tests or scans, we ask that you notify our team via a Support ticket. Please outline the objectives and planned methodology of the assessment so we can validate and approve your approach.

Once complete, we are happy to review and validate the results with your team.

Scope / Restrictions

  • The scope of the testing must be limited to the domains mapped to your applications / environments. This means that you are not permitted to conduct any security assessments of VIP infrastructure and VIP services (e.g. the VIP Dashboard and API). If you’re unsure what this covers, please ask.
  • Please do not perform Denial-of-Service (DoS) attacks or simulations against your applications or VIP infrastructure and VIP services. Any testing that is found to be abusive or that impacts our systems and other customers will likely be blocked.

If you discover a security issue with the VIP Platform or any of our services, please contact us immediately via HackerOne or VIP Support.

Contact us

Request a WordPress VIP demo

Learn how we can help drive business growth for your organization.