SSL Protection
All Rollout websites include:
- Automatic HTTPS encryption
- SSL certificates at no extra cost
- Secure connections for all visitors
Data Security
User Data Protection
- Secure form submissions
- Data encryption during transit
- Safe storage practices
Account Security
- Account password requirements
- Two-factor authentication (coming soon)
- Secure session management
Privacy Compliance
GDPR Considerations
Rollout is working toward GDPR compliance:
- Data minimization principles
- User consent mechanisms
- Privacy policy templates available
Cookie Management
- Add cookie consent banners
- Implement cookie policy pages
- Control third-party tracking
Secure Form Handling
For contact and submission forms:
- Enable spam protection features
- Implement honeypot fields
- Add CAPTCHA verification
- Use secure submission endpoints
Email Deliverability
To improve email deliverability:
- Set up SPF records for your domain
- Implement DKIM authentication
- Configure DMARC policies
- Use authenticated SMTP servers
User Authentication Options
For sites requiring login functionality:
- Design secure login interfaces
- Connect to trusted authentication providers
- Implement secure password handling
- Add account recovery options
Security Best Practices
Regular Updates
- Update Rollout-generated code
- Keep third-party scripts current
- Maintain plugin and dependency versions
Code Security
- Validate user inputs
- Sanitize data outputs
- Prevent injection attacks
- Implement CSP (Content Security Policy)
Content Protection
Access Controls
- Create password-protected areas
- Implement member-only content
- Set up content permissions
IP Restrictions
- Geo-blocking functionality
- Limit access by location
- Prevent unauthorized access
Domain Security
DNS Management
- Proper DNS configuration
- Secure domain settings
- DNSSEC implementation (where supported)
Domain Privacy
- Domain WHOIS privacy options
- Domain transfer protection
- Domain monitoring
Payment Security
For e-commerce implementations:
- Use trusted payment gateways
- Implement PCI-compliant integrations
- Separate payment processing from your site
- Add fraud prevention measures
Monitoring & Protection
Uptime Monitoring
- Regular availability checks
- Performance monitoring
- Downtime alerts
Security Scanning
- Regular vulnerability scans
- Malware detection
- Security patch implementation
Data Backups
Rollout provides:
- Project version history
- Automated backups
- Disaster recovery options
For exported sites:
- Implement your own backup strategy
- Store backups in secure locations
- Test restoration procedures regularly