Tag Archives: Website Security

Improving The Security & Performance Of Your Websites With Functional Isolation

Security is not an absolute thing, it is a continuous process. Adding an SSL certificate and Website Security to your website is an important thing to do but in addition to that, your server must be configured in a way to reduce the damage that happens when your website is hacked.

Implementing Functional Isolation

A logical separation of websites should be implemented into separate hosting accounts having their own access. In the case of applications, you should avoid installing and testing multiple applications in one directory.

If you own a server, simply create multiple hosting packages separately for important websites so if in case anytime your website is hacked, the malware should stay limited to that particular hosting account of your website and other sites remain unaffected. This is called functional isolation. It is important because malware files are coded in a way to get automatically copied to various directories on your hosting account.

How to do logical separation of websites?

Linux is a multiuser operation system and your server (both VPS & Dedicated Server) offers you the feature to create multiple hosting accounts with separate cPanel logins. You can decide the limitation for each hosting account on your server.

Simply start by logging into your Sangkrit.net account then open the WHM of your server. On the WHM dashboard, you can create separate cPanel hostings from the Packages -> Add a Package option.

Most people understand the need of protecting their websites and keeping regular backups only after they face data loss after some malware or hacking of their website. Avoid being that person.

Saving Your Website From Distributed Denial-of-Service (DDoS) Attack

DDoS i.e. Distributed Denial-of-Service attacks are attempts by hackers to make any online service down by sending a flood of traffic that the host cannot handle at the time.

The Tagets of DDoS Attack

In the past, big companies and large websites were only its targets but nowadays even small business websites come with the issue of DDoS attacks occurring on their websites.

What DDoS attack does to your web service?

The only good thing is no data loss occurs during a DDoS attack, all it does is makes the service unavailable to users. It is not done by an individual hacker sitting on a system instead the attacker directs hundreds to thousands of zombie host systems against its target. These hosts are drafted from a million unprotected devices through high-bandwidth connections. The attacker builds a legion of such zombie hosts and then they wait for the command to attack any service.

The result of the DDoS attack

The result of such an attack is the denial of the service, loss of revenue as well as reputation because the end user may find the service less reliable as it goes frequently down.

How to find out you have been attacked with DDoS?

The first sign is the service becomes unavailable to users but that can also happen due to your success with legitimate traffic especially when you choose to host your website on a shared hosting plan and not on a Cloud or Dedicated Server.

Other signs include slow or denied access to your web service for days rather than a spike of seconds or minutes. You may check whether any single IP address is generating a large number of requests. Check your server’s log file to see if any flood of traffic is being generated from suspicious sources or the TTL i.e. time to live on a ping request times out frequently.

How to protect yourself from DDoS attacks?

The advanced, as well as the premium plan of Website Security at Sangkrit.net, offers you DDoS protection which you can easily set up on your own after subscribing to it.

It also offers you CDN i.e. Content Delivery Network that disburdens the load on a single server to many remote servers so that when traffic comes to your website it can be routed to the geographically closest CDN server.

Real success is no different than a DDoS attack

Choose a Dedicated Server to host your website because real success is no different than a DDoS attack.

To find out whether the increase in traffic is actually a DDoS or not you would need to know how to distinguish between good and bad traffic. Otherwise, you might lose traffic from legitimate visitors. A few key points we have discussed above such as single IP generating too many requests can be a DDoS attack, etc.

You may also take help by appointing a system administrator to look after your website or you may subscribe to online support (available at per hour per terminal cost) simply by sending an email to the system at Sangkrit.net.

Configuring WAF & CDN On Your Dedicated Server & VPS

To configure WAF or CDN, you’ll need to additionally purchase a Website Security alongside your hosting option such as Business Hosting, VPS, or Dedicated Server.

Then, there are a few steps you will need to take to activate the Web Application Firewall(WAF) and Content Delivery Network (CDN) over your websites.

Start by subscribing to a Website Security option. Then, simply login to your Sangkrit.net account, move to the product page, and follow these steps:

  1. Select ‘Manage All’ given next to Website Security and Backups
  2. Select Set Up under Firewall, for the domain, you want to set up WAF and CDN
  3. For hosting users, the setup completes in a few minutes. But the server users need to follow a few more steps which are given below
  4. Use the link supplied under Internal Domains to make sure your site loads correctly
  5. Login to the account where your DNS is hosted and configure the A Record so it points to the Website Firewall using the IP address listed under your Firewall IP address
  6. Once A Record is updated, the Website Security dashboard will update and show that the service has been activated. This can take up to a day to complete

If you have a firewall on your hosting servers like CSF or ModSecurity, you should allowlist some IPs. Because all connections to your server will pass through this firewall and adding associated IPs to your firewall’s allow list is going to prevent your sites from being blocked incorrectly.

These are the addresses you should allow:

192.88.134.0/23, 185.93.228.0/22, 2a02:fe80::/29, 66.248.200.0/22, 208.109.0.0/22

Once WAF is activated, the Content Delivery Network (CDN) automatically starts working.

Fix Your Hacked Website With Website Security Express

Google blacklist the websites that could be considered dangerous to visitors, and this makes it impossible for netizens to find such websites from search.

Website owners generally receive the first notification of hacked website from Google, especially if they are not using any website security and that means the damage has already been started on your website because Google has started to warn people from visiting your website.

If your website is hacked and you want to fix it now then SANGKRIT.net’s Website Security Express is for you. In addition to website security and blacklist monitoring, it also provides you an option to remove malware from your website by submitting a malware removal request to experts team at SANGKRIT.net.

Continue reading Fix Your Hacked Website With Website Security Express