This is the first of a series of articles dedicated to building a successful online presence. The following article is dedicated to security.
The web is a huge, tightly knit ecosystem, which is constantly getting polluted by malicious users and algorithms. So, once launched online, each site becomes vulnerable to tons of negative influences.
To make sure your customers’ websites are prepared to meet the challenges of the polluted ecosystem, we have built up our platform around enhanced security.
Here is a list of the features and tools we have implemented on our shared hosting platform to help your customers stay safe online.
ModSecurity anti-hack firewall – The ModSecurity Apache module is a firewall that will effectively prevent most URL forgery or “brute force” attacks and forum spamming attempts targeted at your customers’ websites. By default, ModSecurity is enabled for all the websites in a hosting account, so it will automatically block all incoming requests that are flagged as insecure. Also, it is kept constantly updated in order to prevent all types of ‘up-to-date’ attacks. Your customers can find ModSecurity in the Advanced section of the Control Panel.
Website-based firewall – using our Outgoing Connections functionality, your customers can restrict the outgoing traffic from their sites. It will prevent sensitive data leaking off a customer’s site to an external host. By default, all outgoing connections from a customer’s account are disabled. If, however, a customer wants to allow external connections to certain IP addresses, they can do so from the Outgoing Connections section in the Web Hosting Control Panel.
Anti-virus protection – our servers are equipped with a powerful security system to stop viruses, Trojans, worms and other malicious bugs aimed at disrupting your customers’ websites and emails. All our servers are protected by a constantly running anti-virus software. Heavily modified by our sysadmins, our anti-virus software operates in the background – it does not affect server performance and effectively keeps viruses, Trojans, worms and other malicious bugs out of our servers.
IP blocking – With the help of the IP Blocking tool, a customer can prevent a malicious user or a script from attacking their sites by blocking the IP address they are coming from. It allows a user to easily deny a specific IP address access to their website or to a section of their website. You can even block an entire range of IP addresses, because a hacker might use a dynamic IP from a certain network to attack your site. This tool is located in the Advanced section of the Control Panel.
.htaccess generator – from the .htaccess Manager in the Control Panel, a customer can easily control the behavior of the Apache web server. For instance, they can protect their website content with password-protected folders and IP-based authentication, enable hotlink protection for their images or CSS files, block different IP addresses from accessing their website and even block visitors that come from a particular site referrer. The .htaccess Manager is intuitively integrated into the Advanced section of the Control Panel.
Data corruption protection – our platform relies on the ZFS file system, which has an inbuilt checksum functionality to ensure protection against silent data corruption. This way, if data gets corrupted on one of the disks in the RAID array, the system will be able to recognize the corrupted files and to recover the data from the unaffected disk. In the meantime, the EXT4 file system, which is used by most cPanel hosting providers today, does not have checksums and hence might mistake the healthy files as being corrupted and thus compromise the data on the healthy disk as well.
Help with hacked sites – we offer help with hacked sites within reasonable limits. When our technical support team receives a report of a hacked site, they first try to contact the customer and to provide advice on how the issue can be resolved in due time. If the customer is not experienced enough to follow the instructions, our technicians then take the case in their hands.
Daily data backups – if, by any chance, your customers’ site contents get lost or compromised, they can easily restore them from the Control Panel. We offer browsable daily backups, which are executed 4 times a day, and which can be restored with a single mouse click at any moment. Also, our Dropbox backup option allows your customers to store a backup of their sites and databases in their Dropbox account as well. The Browsable backups and the Dropbox backups are located in the File Manager.
Last, but not least, we offer comprehensive Control Panel-integrated web stats that will help your customers monitor their website traffic, so they could quickly locate any possible malicious behaviour targeted at their sites and take measures to block it in time. Your customers can find the comprehensive stats in the Statistics section of the Control Panel.