Asia Pacific's Leading Cloud Transformation Company!

Apoorva Foods Security Case Study

About Us

Cloud Adoption & Migration Experts. Talk to us for your AWS, Azure and Google Cloud needs

How can we help you?

Our Engineers are AWS and Azure Certified, with years of experience of solving complex cloud challenges.

Project Infomation

Apoorva Foods is one of Bangalore’s leading corporate dining solution provider with its services: Corporate, Banquet Events, Marriage Event, Outdoor Event, High-End Party and Cafeteria Management.
Founded in 2007, Apoorva Foods is now having a base production unit consist of a well ventilated central hall of 6000 sq. ft. area & equipped with all modern kitchen utensils, which is having a production capacity to cater more than 10,000 people in a day. With its value ‘BEST IN TASTE, BEST IN QUALITY, BEST IN HYGIENE.', Apoorva Foods is ISO 22000:2005 AND HACCP certified.
  • Client: Apoorva Foods
  • Date: 2017
  • Skills: Cloud Security, AWS Expertise

The Challenge

It is important to keep the site always running and safe from attacks. The site is built on WordPress. A hacked WordPress site can cause serious damage to your business revenue and reputation. Hackers can steal user information, passwords, install malicious software, and can even distribute malware to your users. Each week, Google blacklists around 20,000 websites for malware and around 50,000 for phishing.

A study found that nearly 20 percent of the 50 most popular plugins for the WordPress platform are vulnerable to common Web attacks. Worst, you may find yourself paying ransomware to hackers just to regain access to your website.

The Solution

The Website is being hosted on Amazon Web Services (AWS). While WordPress core software is very secure, and it’s audited regularly by hundreds of developers, there is a lot that can be done to harden your WordPress website.
WordPress also comes with thousands of plugins and themes that you can install on your website. These plugins and themes are maintained by third-party developers which regularly release updates as well.
These WordPress updates are crucial for the security and stability of your WordPress site. You need to make sure that your WordPress core, plugins, and theme are up to date.
The Solution also involves the WAF solution from Incapsula, which protect unauthorized access, use, alteration, complex attacks against WordPress, keeping your sites safe and online.
The Site is being routed through AWS Route53 and SSL Certificates are being installed to server traffic via HTTPS.
24x7 Monitoring, Backups, Plugin Updates, Security Patching.
For host-based security, Infraguard(scan and automatically install all missing patches) and Trend Micro Deep Security is being implemented.

How AWS services were used as part of the solution

WAF
Onboarding a WAF, gave Apoorva Foods the security they needed for the DDOS attacks, XSS scripting and SQL injections.
Deep Security Manager
Deep Security Manager gave them a central dashboard to manage a host defense system for its cloud infrastructure. It gives businesses power over how and where data is accessed and greatly reduces the complexity inherent in traditional key management solutions. Deep Security combines multiple protection modules, including anti-malware, IDS/IPS, integrity monitoring web application protection, log inspection, and firewall, in a single, centrally managed software solution, to provide agent-based or agentless protection.
SSL Implementation
SSL implementation encrypted their transactions and customer information pages to maintain the integrity. The outcome is having tighter controls on the website, handle sudden increases in web traffic very well.
VPS and Security Groups
Amazon VPC helps to provide the isolated Network. Security Group helps to control the incoming and outgoing traffic through specific ports.
AWS NACL
AWS NACL provides protection at subnet level i.e. with Nacl we are controlling the network traffic for each subnet.
IAM
IAM granular policies are being implemented and keys are rotated on a regular basis.
AWS CloudTrail
AWS CloudTrail allows the compliance, and operational audit by keeping a track of all the actions performed by a user or role.
Amazon Cloudfront
Amazon CloudFront helps speed up the distribution of contents as it routes the user request to edge locations.
Close
Compare
Wishlist 0
Open Wishlist Page Continue Shopping