Secure Joomla hosting
In a recent hosting survey the Department for Business found that 87% of small businesses across all sectors had experienced a breach in the last year! In this short blog, we want to show you why Secure Joomla hosting is a vital investment for your business.
Protecting PHP-FPM applications like Joomla!
PHP-FPM (FastCGI Process Manager) is something we use to protect your Joomla system. It provides an easy way to run PHP scripts with different users on the same server. It provides security because the PHP scripts are not run with the rights of the Super Administrator but with the rights of the account holder.
And because these rights are isolated to each account, someone outside (such as a hacker) cannot infiltrate your account through a vulnerability in someone else’s account, on the same shared server.
Not all hosting companies offer Secure Hosting
The problem is that not all hosting companies are set up to protect PHP applications like Joomla! Without this hackers can easily gain access to your website via a vulnerable site on the same shared hosting environment. This means someone else’s problem can become yours, resulting in loss of business and downtime!
Even hosting Joomla with PHP-FPM can still leave you open to hackers in that certain functions can still be run which can affect the whole operating system. This can still permit things like Symlink attack’s to happen, whereby a hacker having access to one account can take over another account on the same server, by creating a symbolic link pointing to a file in a directory.
Two-Factor Protection
Our two-factor protection seeks to keep you ‘Safe’ and ‘Sound’. ‘Safe’ as each account works by limiting rights to the account holder, and ‘Sound’ as our hosting environment works by hardening PHP and the services that run on it! This two-factor protection seeks to decrease the probability that a hacker is presenting false evidence of their identity. It fends off Symlink attacks and other attacks against the operating system and stops someone else’s account infecting yours!
That’s why we think your pennies will be better spent here! But hey – in the event that something does go wrong, you’ll be pleased to learn that our Secure Joomla Hosting also runs with Active Protection!
Active Protection
Our Active Protection system is designed to defend against viruses, trojans and worms from outside but they are also capable of fending off and destroying exploits if they are found inside!
Detecting and quarantine exploits
This means that if your Joomla site became compromised due to an out-of-date Joomla installation or due to vulnerable extensions, our active systems can detect and quarantine the exploit before it becomes active or causes more damage!
Exploit Scanner
This active scanning can help prevent exploitation of an account by deleting or moving suspicious files to quarantine before they become active. It can also prevent the uploading of harmful PHP scripts which are commonly used to launch more malicious attacks. Our exploit scanner has been custom programmed to protect against 6000 known exploit scripts, in addition, it uses a high-performance multi-thread antivirus engine and an intelligent tool for its automatic signature updates.
Active Firewall
If this wasn't enough, our Firewall controls exactly what traffic is allowed in and out of our servers and can protect your site from malicious attacks! It does this by comparing network traffic to a set of rules which specifies our application protocol and the source and destination of the communication. Accordingly, our firewall is effective at stopping network service worms that target a particular service or service port number. It also helps against “Brute-force attacks” and responds very quickly to such patterns by blocking offending IP’s.
Customised Mod Security
Mod Security is another system that works by scanning all messages received by your website (i.e. POST, Pings, JavaScript calls, Trackbacks etc...). This has let us create our own bespoke rules so that we can better secure Joomla and Wordpress, stop spam, prevent certain web application protocols and server attacks. It does this by deploying an external security layer that increases security, detects and prevents attacks before they reach your website.
This is a sneak preview into the amazing systems at work, working to keep your Joomla site up and online. For most, you will never know they're there! But - if you believe that protection is a sound investment, we believe that your online investment will be better protected with us!