SiteBox Worker

Bespoke SiteBox Worker to further improve security of websites

On top of regular WAF solutions, at SiteBox Hosting, we've engineered the SiteBox Entrypoint Worker — a Web Worker intricately designed to meet the unique demands of WordPress-based websites, offering an additional layer of protection and performance optimisation for our customers.

The role of the Worker

The SiteBox Entrypoint Worker is attached to the request lifecycle, acting as an intermediary between the incoming request and your WordPress website. Unlike traditional security measures that operate at a surface level, this Web Worker is capable of more complex processing tasks that often require interaction with databases or other data sources. This enables it to make intelligent decisions about both incoming requests and outgoing responses.

One of the guiding principles behind the creation of the SiteBox Entrypoint Worker is the balance between performance and security. We understand that in the digital age, every millisecond counts. Therefore, we've optimised our workers to perform most of their complex processing tasks in just a few milliseconds. This means that we provide a security tool that is almost invisible to end-users and does not affect user journeys.

Components of Entrypoint Worker

The SiteBox Entrypoint Worker is not a monolithic entity but a composite of several specialized services, each contributing to its overall effectiveness:

  • SiteBox Enclave – a state-of-the-art gateway solution engineered to safeguard your websites hosted on SiteBox, or specific routes within them, by employing the zero trust principle.
  • SiteBox Identity – a centralized identity and access management interface that streamlines the administration of WordPress users, as well as users within the SiteBox CLI and Dashboard experiences.
  • SiteBox Accelerator – a one-of-a-kind deferred rendering mechanism that improves the security as well as the performance of a website by essentially removing the processing layer from most requests.

Additional functionalities

Beyond these core components, the SiteBox Entrypoint Worker also provides smaller features that contribute to the overall security of your website.

Protect non-production websites from indexing

The worker replaces the robots.txt file with a predefined one to prevent search engines from indexing internal or non-production domains. All set values remain visible in the comment section, so a user can preview the robots.txt file before attaching the domain and pushing the website to production.

robots.txt
##############################################################
##                                                          ##
##  SiteBox Edge locks the "robots.txt" file to avoid       ##
##  indexing websites without a production domain.          ##
##                                                          ##
##############################################################

User-agent: *
Disallow: /

##############################################################
##                                                          ##
##  The original content of the "robots.txt" file is        ##
##  below and will be displayed on the production version.  ##
##                                                          ##
##############################################################
##
##  # START YOAST BLOCK
##  # ---------------------------
##  User-agent: *
##  Disallow:
##
##  Sitemap: https://acme-website.statik.space/sitemap_index.xml
##  # ---------------------------
##  # END YOAST BLOCK

Edge layer redirects

The worker can apply redirects directly at the edge layer, eliminating the need to request the origin instance to return a redirect. This improves both performance and security.

Additional response headers

The worker adds certain security headers, like X-Frame-Options or X-Content-Type-Options, if these are not provided in the original server response.

The first three headers presented below are forced and always present. The last three can be overridden by the origin server.

Summary of headers applied by default

| Header                    | Value                               | Force |
|---------------------------|-------------------------------------|-------|
| X-Content-Type-Options    | nosniff                             | true  |
| Strict-Transport-Security | max-age=31536000; includeSubDomains | true  |
| Referrer-Policy           | strict-origin-when-cross-origin     | true  |
| X-XSS-Protection          | 0                                   | false |
| Permissions-Policy        | document-domain=()                  | false |
| X-Frame-Options           | SAMEORIGIN                          | false |
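
The forced/overridable rule from the summary above can be expressed as a small function over the standard Headers API. This is an added example, not SiteBox's own worker code; the names DEFAULT_HEADERS, applySecurityHeaders and secureResponse are hypothetical, and the sample origin headers are constructed.

```javascript
// Header policy copied from the summary table.
// force: true  -> the worker's value always replaces whatever the origin sent
// force: false -> the worker's value is used only when the origin sent none
const DEFAULT_HEADERS = [
  { name: "X-Content-Type-Options", value: "nosniff", force: true },
  { name: "Strict-Transport-Security", value: "max-age=31536000; includeSubDomains", force: true },
  { name: "Referrer-Policy", value: "strict-origin-when-cross-origin", force: true },
  { name: "X-XSS-Protection", value: "0", force: false },
  { name: "Permissions-Policy", value: "document-domain=()", force: false },
  { name: "X-Frame-Options", value: "SAMEORIGIN", force: false },
];

// Hypothetical helper: returns a new Headers object and leaves the input untouched.
// Headers.has() and Headers.set() match names case-insensitively, so an origin
// header sent as "x-frame-options" is still recognised as present.
function applySecurityHeaders(originHeaders) {
  const out = new Headers(originHeaders);
  for (const { name, value, force } of DEFAULT_HEADERS) {
    if (force || !out.has(name)) {
      out.set(name, value); // set() replaces every existing value for that name
    }
  }
  return out;
}

// Hypothetical wrapper for a fetch-style worker: same body and status, new headers.
function secureResponse(response) {
  return new Response(response.body, {
    status: response.status,
    statusText: response.statusText,
    headers: applySecurityHeaders(response.headers),
  });
}

// Constructed sample: an origin that sends a weak Referrer-Policy (forced, so it
// is replaced) and a stricter X-Frame-Options (overridable, so it is kept).
const sampleOrigin = new Headers({
  "Content-Type": "text/html; charset=utf-8",
  "Referrer-Policy": "unsafe-url",
  "x-frame-options": "DENY",
});

for (const [name, value] of applySecurityHeaders(sampleOrigin)) {
  console.log(`${name}: ${value}`);
}
```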