We all know that it’s important that users transact online with peace of mind. Our chosen mechanisms work together to minimise our customers’ abuse risk and limit their exposure at the server level.
How do we strengthen server security? We have software at server level to mitigate abuse.
Fail2Ban: Intrusion prevention software that scans log files and blocks any IP addresses that have been identified as malicious. Fail2Ban looks for suspicious activity like password failures and vulnerability searches and rejects these IP addresses for a specific period of time. This is just one of the measures we take to help prevent Brute Force password attacks against mailboxes and Content Management Systems (CMS) like WordPress and Joomla.
A Brute Force Attack, one of the most common forms of abuse, is when an attacker tries to gain access to a website or a web server by attempting various passwords and usernames in close succession, essentially bombarding the server.
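A minimal sketch of the log-scanning approach described above, added here as an illustration; it is not Fail2Ban's code or our server configuration. The log format, sample lines and threshold values are constructed, and the constant names mirror Fail2Ban's maxretry, findtime and bantime options.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

MAXRETRY = 3                       # failures inside FINDTIME that trigger a ban
FINDTIME = timedelta(seconds=60)   # sliding window length
BANTIME = timedelta(minutes=10)    # how long an offender stays blocked

# Constructed log format and sample lines (documentation IP ranges only).
FAIL_RE = re.compile(r"^(\S+ \S+) auth failed user=\S+ ip=(\S+)$")
SAMPLE_LOG = """\
2024-03-10 10:00:01 auth failed user=admin ip=203.0.113.7
2024-03-10 10:00:03 auth failed user=root ip=203.0.113.7
2024-03-10 10:00:04 auth ok user=alice ip=198.51.100.20
2024-03-10 10:00:05 auth failed user=test ip=203.0.113.7
2024-03-10 10:00:06 auth failed user=admin ip=203.0.113.7
2024-03-10 10:01:00 auth failed user=bob ip=198.51.100.20
2024-03-10 10:05:00 auth failed user=bob ip=198.51.100.20
2024-03-10 10:09:30 auth failed user=bob ip=198.51.100.20
2024-03-10 10:10:06 auth failed user=admin ip=203.0.113.7
""".splitlines()

def scan(lines):
    """Return a list of (ip, banned_at, unban_at) decisions."""
    recent = defaultdict(deque)   # ip -> timestamps of recent failures
    banned_until = {}             # ip -> time the ban expires
    bans = []
    for line in lines:
        m = FAIL_RE.match(line)
        if not m:
            continue              # successful logins and noise are ignored
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        ip = m.group(2)
        if banned_until.get(ip, ts) > ts:
            continue              # still banned: a firewall would drop this
        window = recent[ip]
        window.append(ts)
        while ts - window[0] > FINDTIME:
            window.popleft()      # forget failures older than FINDTIME
        if len(window) >= MAXRETRY:
            banned_until[ip] = ts + BANTIME
            bans.append((ip, ts, ts + BANTIME))
            window.clear()
    return bans

if __name__ == "__main__":
    for ip, start, end in scan(SAMPLE_LOG):
        print(f"ban {ip} from {start} until {end}")
```

The rapid burst from 203.0.113.7 is banned, while the user at 198.51.100.20 who mistypes a password three times over several minutes is not, which is the "close succession" distinction the definition above draws.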
Web Application Firewalls (WAF)
ModSecurity: A web application firewall that monitors traffic to your website for malicious activity in real-time. It does this through a set of rules that detect and block the most common website attacks. ModSecurity is active on all our Web Hosting packages.
ModSecurity acts like a shield between your website and the internet, offering an additional layer of protection. It is an early detection system that offers a moderate level of protection, making it harder for malicious attackers to gain unauthorised access to your website.
Cloudbric is an advanced, enterprise-grade web application firewall which shields your website and website applications (like WordPress) against hackers. It guards against suspicious and malicious website traffic that specifically looks for opportunities to exploit weaknesses in your website’s code. There are three key ways that Cloudbric protects your site:
- All web traffic to your website is routed through the WAF, where it detects and blocks malicious traffic while allowing legitimate traffic through.
- Cloudbric blocks website-level DDoS attacks, which could exhaust your website resources and make it inaccessible to the visitors you want.
- Cloudbric’s dashboard allows you to perform certain tasks like blocking visitors from specific countries or IP addresses from accessing your website.
The risk of exploitation of weak code never completely disappears, but it is greatly reduced with Cloudbric. Hackers constantly seek new entry points to exploit websites. Similar to anti-virus applications, as these exploits are discovered, Cloudbric adds them to its list and permanently blocks them.
IP Reputation System
Our IP Reputation System contains a list of known ‘bad’ IP addresses which is frequently updated. This list is regularly sent to all of the servers on our hosting platform, ensuring any traffic from these IP addresses is blocked by the server firewalls.
While we make use of multiple security measures to help protect our customers’ emails and websites, we can’t eliminate all the possible risks. That’s why we encourage our customers to choose strong, unique passwords and to make use of two-factor authentication mechanisms. You should also keep any CMS you’re using up to date and make sure you have security software installed. Where possible, use CAPTCHAs on your webforms and do not install any pirated software or apps on your website.
Together we can keep your website and email as safe as possible.