7 Features That Show Your Shared Hosting Plan is Secure

Posted at April 3, 2018 at 1:05 pm by Ylber Popaj

7 Features that show your shared hosting plan is secure
With massive data breaches hitting the world’s largest brands, website owners may often wonder how well they’d fare against online threats: “If global corporations are having trouble keeping up with web security, how could I stand a chance to stay secure?”

Fortunately, online security isn’t restricted to the wealthiest, most high-traffic sites. Web hosting companies protect themselves and customers by locking down every possible aspect of their infrastructure and clients’ environments. Here are some of the most common tools reputable hosts will offer customers:

  1. Web application firewalls
  2. File upload and script scanners
  3. Malware and antivirus detection
  4. Email monitoring and protection
  5. Regular automated backups
  6. SSL certificates
  7. Reduced PHP permissions

Fortunately, InterServer includes all the above with its standard shared hosting plan. All but the SSL certificates and backups are part of the company’s five-prong InterShield security platform, which was introduced less than a year ago. Here’s more information on the features used to protect site owners, their sensitive data, and their online properties.

1. Web Application Firewall

Slightly different from firewalls that filter traffic to and from networks, web application firewalls (WAFs) introduce specific requirements for visitors to communicate with a host’s servers. WAFs are tailored to protect particular vulnerabilities common in the programs used to operate and manage web hosting environments.

Experts behind many InterServer reviews praise the company for the all-hands-on-deck approach the company takes with security. Co-Founders Mike Lavrik and John Quaglieri still oversee the InterServer datacenters, including network security. The company enables the open-source ModSecurity web application firewall to add another layer of protection for its customers.

InterServer’s web application firewall is particularly focused on preventing cross-site scripting and SQL injections, two common vectors where attackers will inject code, execute scripts, or compromise databases within a hosting customer’s website environment.

2. Scans and Monitoring

In addition to inspecting and filtering the traffic coming to and from the company’s servers, Interserver’s standard shared hosting plan includes the file uploading and script scanners that prevent malicious code or programs from entering a customer’s web environment.

Website owners can unknowingly upload files that contain malware, a broad term that covers the range of unwanted or dangerous code. To avoid that, InterShield will scan every uploaded file for certain detectable characteristics of malware. InterServer regularly updates the scanners to account for the rapidly changing threat landscape.

Similarly, InterServer will inspect the various scripts running on its servers for signs of malicious attacks. Scripts are essentially behind-the-scenes programs that automate various tasks that make websites more visually appealing or quicker to load. The company constantly scans servers, looking for any malicious scripts that could compromise website performance or security.

3. Regularly updated malware detection

Given how quickly attackers can adjust their methods of infiltrating a web hosting server or unsecured website, hosting providers need to remain constantly vigilant to the trends and behaviors of those criminals.

InterServer maintains a constantly evolving database of more than 155,000 examples of malware scripts, documenting each specific malicious signature and making them easier to detect and turn back. What’s more, the company transparently reports real-time information on the malware InterShield finds.

Shared hosting customers are particularly vulnerable to malware, given the audience’s general lack of technical expertise and not being aware of the best security practices. What’s more, with so many customers sharing a server, multiple users can fall prey once an attacker gains access to one compromised website. InterServer recommends that shared hosting customers remain vigilant and active when it comes to updating the software components they install — this includes WordPress, eCommerce shopping carts, plugins, and other services.

4. Email security

Although most people think of phishing and Nigerian princes when it comes to threats to email security, secure and protected communications can have a major impact on shared hosting web performance. Accounts discovered to be sending spam or bulk emails may get a server listed on a blacklist, which blocks the delivery of all emails sent from that server or IP address.

With many hosting customers sharing server space, email security is incredibly important — if one account gets blacklisted, hundreds of innocent users can no longer trust that their communications are reaching recipients. Those effects can be devastating for any site owner, but they are especially harmful to businesses relying on email marketing to build and reach their audience.

InterServer guarantees email delivery by checking the content of outgoing email messages against a database of known spam signatures. The characteristics of spam content listed in the database are updated in real time to stay ahead of malicious senders. Unusual or dangerous activity from an account will likely trigger rate limits or sending quotas, or perhaps that user will be blocked from sending outgoing messages.

5. Backups

Included free of charge with every InterServer shared hosting plan, automated weekly backups protect your data in case of an attack. The company keeps at least three copies of site owners’ archived files for at least 60 days, giving customers peace of mind that their data will remain protected in the event their server or environment is compromised.

Additionally, the company’s storage (driven by much faster solid-state drive caching) is assembled in a RAID-10 configuration for added redundancy. RAID-10 arrangements require at least four storage disks and combine disk mirroring and striping to protect data; as long as one disk in each mirrored pair is functional, site owners’ data can be recovered.

6. SSL Certificates

Separate from the InterShield protections, shared hosting customers can enjoy free access to SSL certificates. The perk actually relies on the more secure TLS protocol that uses HTTPS to privately and securely transfer data between a web server and a visitor’s browser. The difference between SSL vs. TLS protocols isn’t terribly important for most shared hosting customers, but the important feature signals to potential customers that your site is trustworthy and secure.

SSL certificates are becoming increasingly critical for all site owners and small businesses, as Google and other search engines give special SEO and user-interface treatment to websites using the secure connections.

7. Reduced PHP Permissions

Last on our list but among the newest InterServer security measures is limiting the actions website code and scripts can take when running on a server. Built with WordPress in mind, the company’s new PHPmmdrop feature prevents code from changing or uploading files and running processes.

Extra protections associated with WordPress websites can be especially beneficial to shared hosting customers who are less likely to understand website security and maintenance. Although the frequently updated WordPress Core is inherently secure, many attackers are able to gain access through poorly coded or outdated themes and plugins. Once the vulnerability is discovered, attackers can add code that compromises the website with malware. PHPmmdrop takes away that threat by restricting file uploads to only the approved administrative users when they’re logged in.

As you can tell, top-notch security is not limited to high-priced hosting or to those who know the ins and outs of technical configurations and web servers. At InterServer, customers can rest easy with the above features handling all the legwork of protecting your data.

InterShield Evolves

Posted at March 19, 2018 at 7:17 am by Ylber Popaj

InterShield Evolves

InterServer’s InterShield system is able to stop many attacks and updates daily based on new data including new possible malware, known exploits and other Common Vulnerabilities. However, sometimes even with all these a new type of malware comes up.

In a recent case a site was redirecting to a pharmacy website but only when coming from a google search engine result. The site initially passed all scans of known vulnerabilities, the url did not exist in the code or database and it was reproducible. In this cases advanced debugging is needed. So xcache with trace was enabled which determined some interesting results. Follow this brief analysis and walk-through of our debugging process!

 

Debugging Begins

Starting here we load a normal WordPress file:

 

  •                     0.2006   18215480               -> force_ssl_admin() /home/xxxxx/public_html/
  •          fanxxx/wp-includes/default-constants.php:295
  •  0.2010   18242992             -> require(/home/xxxxx/public_html/
  •          fanxxx/wp-includes/vars.php) /home/xxxxx/public_html/
  •          fanxxx/wp-                settings.php:290

 

WGET

However, here the include is for a file not found in WordPress, so we continue to debug. We soon find that the URL being called was /privacy-policy/. We then execute a ‘wget’ to a remote URL. The wget then gives this information which does the redirect:

 

 0.4207 18334192 >=> ‘HTTP/1.1 200 OK\r\nDate: Fri, 02 Mar 2018 16:17:56 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nX-Powered-By: PHP/5.3.3\r\nContent-Length:   82\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n<location>http://med-shop24x7.com/site/search?q=finast&track=all-fancou</location>’

 

In the vars file we find:

  •           * @package WordPress
  •           */@require_once(‘class.wp-includes.php’);

 

The @require_once is hidden after a comment.

 

Debugging Ends


End Notes

Using this data the our staff was able to  to create virus signatures in order to detect these. Class.wp-include.php signature is available at:

http://sigs.interserver.net/info?hash=7fee30e79473e63c6393adc6fa183a2036689e4d9b3317b25bf5166d77d23b6e.

InterServer’s virus db detects most common malware and is available from https://interserver.net​.  InterServer will continue to provide security updates to our customers so stay tuned for more on the expansion of our powerful InterShield.

 

WordPress Vulnerability Secured

Posted at February 21, 2018 at 8:46 am by Ylber Popaj

 

WordPress Vulnerability

The month of February brought yet another scare to the hosting world. A WordPress vulnerability was exposed which allowed hackers to initiate what is known as a denial of service (DoS) attack on ones website. Ultimately, under a DoS attack, your website becomes unreachable by anyone including you. The technical understanding of performing the DoS attack is rather simple.The flaw begins under the well-known “/wp-admin” directory. Every WordPress site is assigned this path as an administrative source. It was discovered that while loading this path there exists a script which fetches a number of JS/CSS files. This can be a heavy load on the server when performed repeatedly. Of course, DoS attacks found their roots and hackers began exposing this exact flaw. Due to its simplicity, the population of attempts are greatly increased and essentially adds more to the scare. Fortunately, any downtime is not acceptable by InterServer.

InterServer Response

InterServer was able to mitigate these attacks through mod_sucurity. Therefore, it is NOT possible to exploit this on our shared hosting services. While there is an alternative for individuals who may not have their site hosted with InterServer, it is not guaranteed success. The alternative is to modify the “/wp-admin” as a sub-directory which will free you against common WordPress admin scans.

As an InterServer customer, you can rest assured that your WordPress site will be safe from the newly exploited DoS attack flaw.

InterServer Patches Meltdown And Spectre

Posted at January 12, 2018 at 12:07 pm by Ylber Popaj

 

InterServer takes customer security with pride. Hear our story on how we tackled the recent security scare which targeted end-users nation wide.

 

What is Meltdown and Spectre?

You may have heard of terms like Meltdown and Spectre in recent tech news. Both exhibit a hardware vulnerability exposed by a small team in Austria. Through software, both are able to access private data on a server, but how is this possible? The vulnerability begins at the most inner core of a computer, the Central Processing Unit (CPU). By observing micro processes and transactions, these programs were able to access other parts of the computer that may not be relevant to the actual programs running. For instance, e-mails, files, browsing history, etc. were all subject to vulnerability.  While the technical understanding of Meltdown and Spectre is extremely high level, it is important to understand that InterServer took immediate action.

 

InterServer Reacts

InterServer CTO, John Quaglieri kept up to date with all Linux distributions and their kernel updates that would directly target Meltdown and Spectre. Fortunately, John was able to update our Linux machines immediately and efficiently to ensure that all data is secure. From our Shared Hosting to VPS, all kernels have been updated up to par based on their respective Linux distributions. He allowed our customers to keep track with his progress in a frightening situation by logging any updates on our forum page.

 

Forum Posts

Here is the forum URL link which tracks any updates regarding Meltdown and Spectre in InterServers infrastructure – click here.

BitCoin – To Bit, or Not To Bit

Posted at December 18, 2017 at 5:25 pm by Ylber Popaj

In recent news, you may have noticed the subject popularity on Bitcoin. The following questions may come up,

  •       What is BitCoin?
  •       What is Cryptocurrency?
  •       How can I earn Bitcoin?
  •       How much is it worth?
  •       What’s the hype about?

We will help you get a clear picture of the internet currency without getting into the nitty gritty details that may confuse most people.

What is BitCoin and Cryptocurrency?

Firstly, Bitcoin is an internet currency or better known as, a cryptocurrency. It offers a way to make transactions without the common use of the U.S dollar. A fair comparison would be to having your wallet full of cash and harddrive full of bitcoin. In both scenarios, you possess a currency worth some value. Right now, one bitcoin is worth 16,207 dollars. Other companies exist that offer cryptocurrencies, a few of them being : Ethereum, LiteCoin, Neo, Monero.

How can I earn Bitcoin?

Unfortunately, Bitcoin isn’t offered as an hourly wage nor can you earn it through a typical job. There are two ways it is possible to acquire Bitcoin:

  1. Trade other currency (like the U.S Dollar) for Bitcoin.
  2. Use your own computer/server to mine for Bitcoin rewards

The first option is rather simple. You trade 1 Bitcoin for 16,207 dollars. In 2009, you were able to purchase 5,000 bitcoins for as low as 27$.

The second option is where the Bitcoin story gets complicated. For simplistic reasons, we will keep the explanation concise and to the point. You may have heard of the term ‘mining’ related to the technology field. When pertaining to Bitcoin or a cryptocurrency, the term mining isn’t what we might initially imagine. Instead of digging into the Earth’s crust in hopes to find some Bitcoin, we dig deep into CPU utilization. Powerful computers solve Bitcoin designed ‘problems’ or ‘equations’. As a reward, Bitcoin assigns a bitcoin to the host who solved the equation. The entire process has a snowball effect. The more value a Bitcoin gains the harder the equations are to solve.

So, now that we know what Bitcoin is, what is all the fuss about?

The hype begins around the fact that the new currency is completely unregulated by government agencies. While it is bannable by governments, it is not regulated. A major component of Bitcoin popularity is also the delicacy of Cryptocurrency and its worth. It’s like taking a gamble. Dedicating time, money, and effort to gain Cryptocurrency can profit in thousands to millions of dollars while in some cases, very little to none.

In most recent news, Bitcoin proved to be a very profitable business as its value skyrocketed in just a few months.

To Bit, or Not To Bit?  That is the question.

Unfortunately for the common consumer, investing in Bitcoin is not so realistic anymore because of its value. As previously stated, today, one Bitcoin is worth 16,207 dollars. So, to invest in Bitcoin at its current value is rather pricey. If you are just learning about the hype-train, it is unfortunately a little late to hop on. This doesn’t mean that you can’t explore other cryptocurrencies. Other companies still compete with Bitcoin and have proven their potential of exponential growth in the following years.


While the Cryptocurrency world is still very unpredictable, it is important to consider its expansion and potential. Keep an eye out and enjoy the evolution of Cryptocurrency unfold!