Research shows that malware attacks, exploits and hacking are on the rise in 2020, with thousands of exploit attempts carried out every day. The most common targets being popular content management systems like WordPress- the fact that these systems are widely used makes them a tempting target.
These platforms are not inherently insecure, of course, but with a near-infinite sprawl of plugins, themes and customisations new vulnerabilities are being discovered all the time. Security has never been more crucial.
We employ a wide range of tools and techniques to keep sites safe- including firewalls, brute-force detection, and account-level isolation, to prevent the “blast radius” effect of one hacked site infecting others. For us at Prostack, however, this is just the tip of the iceberg- we wanted a comprehensive anti-malware solution that would pro-actively defend customer sites from intrusion, as well as regularly scan for exploits. Our product of choice was Imunify360, an all-in-one anti malware system that integrates with our managed server offerings to provide 360-degree security.
Some of the highlights of Imunify, which have worked well for us, include:
- Malware scanning: Whilst the standard malware tools (such as maldet) are effecive, we wanted something that was specifically able to root out exploited PHP, as we commonly see sites where malicious code is injected into customer sites via an outdated theme or plugin. Imunify360 has an excellent and regularly-updated dictionary of malware types which it uses to scan and identify threats. With the configuration we deploy for our customers, we run weekly scans, during the night, to minimise any potential impact.
- Automatic cleanup. Once malicious code is identified, Imunify360 has the ability to clean it up, without user intervention. Plus, it removes malicious code without touching the rest of the file, so it won’t impact the operation of your sites. There’s also a Quarantine function, which provides a safe fallback in the event cleanup fails, moving the file to an isolated location so you can review it if you need to.
- Proactive defense. In addition to regular scans, Imunify360 also has real-time malware prevention built-in. This means it can stop malicious code before it can execute, analysing it’s intent and making a determination on whether or not it is safe to allow. If it identifies code that is doing something it shouldn’t be, it engages “kill mode”, which terminates the script. This heuristic analysis provides an excellent layer of “live” protection so that even if a site does have a vulnerability, it can’t be exploited.
- WAF. Web Application Firewalls employ a variety of techniques to identify malicious traffic- not just hackers, but bots, scrapers and other unwanted visitors which can waste your site’s resources. Imunify360’s WAF scores IP addresses to allow good traffic and block bad traffic. And it’s uncertain, it can present a CAPTCHA interstitial so legitimate visitors can prove they’re human before being allowed through.
- Reputation management. Imunify proactively scans your sites and lets you know if any of them end up on a blacklist or anti-virus security list. These lists are used by common security providers (e.g. Google safe browsing) to warn users that a site might be infected. Imunify keeps tabs on your site’s reputation and informs you if anything happens which might impact your reputation.
Our partnership with Imunify allows us to provide licenses for all your sites at a discounted cost. If you’re interested in learning more about how we can proactively protect your sites from current and emerging internet threats, contact us today.