Pipe Ten Hosting Ltd

WordPress Application Hosting

WordPress application hosting with a high level of compliance, security and support based on a specially optimised software stack from a company demonstrating 20 years of continuous delivery. We manage everything except for the content and design, but give you full administrative access for compliance validation.

Features

• WordPress Application Hosting
• WordPress Software as a Service
• ISO27001 compliant WordPress
• PCI DSS compliant WordPress
• Fully Managed WordPress
• WordPress Backup
• WordPress SSL
• WordPress with WAF
• WordPress with WP-CLI Support
• WordPress Support

Benefits

• Stress free WordPress hosting
• Increased WordPress Security
• Simplify WordPress Compliance
• Recover WordPress Easily
• Reduce WordPress Costs
• Reduce WordPress Risk
• Guarantee WordPress Data Sovereignty
• Deploy WordPress Quickly
• Deploy WordPress Safely
• Faster WordPress

£50 an instance a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@pipe.co. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

755234030565800

Contact

Carl Heaton
0114 443 2222
info@pipe.co

Service scope

• Service constraints: Service specifically designed for the optimal hosting of single Wordpress application instances.
• System requirements: Wordpress

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Most tickets are answered within 1 hour.; ; High priority tickets are escalated and answered within 3 hours at all times.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: None.
• Onsite support: Yes, at extra cost
• Support levels: Most tickets are typically answered within the hour, but the SLA on low and medium tickets is 72 hours.; ; High tickets are are typically answered within 15 minutes and escalated to on-call engineers at all hours, but the SLA on high tickets is 3 hours.; ; We have no first or second line support, all our support is provided by engineers with significant experience and authority.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide a complete service including migration, documentation and training.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: The user can self generate or request us to provide file and database exports.
• End-of-contract process: We will provide the customer with all the information needed to archive, backup or migrate the website.

Using the service

• Web browser interface: Yes
• Using the web interface: Instances can be ordered via our website and full access to deployed services being given. The customer can perform all actions or request engineering to perform the actions on their behalf. Full file and database management is included by default.
• Web interface accessibility standard: WCAG 2.1 AAA
• Web interface accessibility testing: None
• API: No
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
  • Other
• Using the command line interface: Users are provided with user level SSH access for Wordpress wp-cli use. We also provide sudo and root level access for administrative and compliance verification purposes. It is recommended and included that multiple user accounts be configured should multiple developers or users require SSH access.

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: All instances contain guaranteed non-shared resources.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual Machine State
  • Software Stack
  • Stack Configuration
  • Software Configuration
  • User file contents
  • User database contents
  • Wordpress files
  • Wordpress database
  • Wordpress configuration
  • Wordpress plugins
• Backup controls: Modifications to the default backup schedule are inclusive on request.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: See SLA document.
• Approach to resilience: Available on request
• Outage reporting: Individual VM and website metrics are gathered to externally hosted system and emailed to customer.; ; General service outages are announced to externally hosted service notice platform.; ; Significant service outages are announced to completely independent hosted service notice platform.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Available on request
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication
• Devices users manage the service through: Dedicated device on a segregated network (providers own provision)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Approachable Certification Ltd
• ISO/IEC 27001 accreditation date: 2021/07/10
• What the ISO/IEC 27001 doesn’t cover: Software development services.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Self attestation
• PCI DSS accreditation date: 2022
• What the PCI DSS doesn’t cover: Software development.
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Available on request

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Available on request.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Available on request.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Available on request.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Available on request.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: DO
• How shared infrastructure is kept separate: By instance.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Available on request

Social Value

• Fighting climate change:

  Fighting climate change

  We are under no illusion the consumption of digital solutions in itself can ever be environmentally neutral, but we make all reasonable efforts to ensure they are both designed to be efficient and that their use increases efficiency.
• Covid-19 recovery:

  Covid-19 recovery

  We support new ways of working for our employees who are shielding through remote working, changes to the on-premise working environments and mental health support.
• Tackling economic inequality:

  Tackling economic inequality

  We work with economically diverse organisations and provide employment and training opportunities within our economically deprived area.
• Equal opportunity:

  Equal opportunity

  We are an equal opportunity employer.
• Wellbeing:

  Wellbeing

  The wellbeing of our employees, customer employee and supplier employee is paramount, without them we cannot do what we do.

Pricing

• Price: £50 an instance a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@pipe.co. Tell them what format you need. It will help if you say what assistive technology you use.