@usAdultAds
Our web servers have various security features that could potentially work against you depending on the situation. We hope that by making you aware of some of these features we can prevent minor issues such as locking yourself out or getting blacklisted by our servers. On average we see more than 40 DDoS attacks daily, 99% of which are smaller than 10 Gbps, but are still able to disrupt a service that's unprotected. The 10 Gbps of DDoS protection has already been enabled on your account with us AND the following benefits:
1 - Failed Login Attempts:
If you are attempting to login to any server-side service (cPanel, FTP, WEB, EMAIL, etc) and have more than
5 failed login attempts within a relatively short period of time
your IP will be blacklisted permanently.
The server will appear completely down for you (not others) if this happens since your IP will be blocked at the firewall. You must contact our support team to be unblocked.
2 - WordPress Logins:
We use rate-limiting on "
/wp-login.php" which is the login page for users and admins for any WordPress installation.
Too many requests in a short period to this page will be rate-limited, but not blacklisted. This greatly reduces brute-force attacks on WordPress installations. You will receive a page saying you are accessing the page too quickly. Chances are you will not see this page if you are a human.
3 - ModSecurity:
This is one of the most common ways to get blocked by our servers. From your cPanel you can disable ModSecurity on your website if you choose, however we do NOT recommend this. The protection ModSecurity provides is well worth the occasional false-positive. ModSecurity is a tool capable of real-time web application monitoring, logging, and access control. We use the OWASP ModSecurity Core Rule Set on our servers.
You can
see full details about the protection ModSecurity provides here:
http://go.cpanel.net/modsecurityowasp
4 - IP Blacklists:
Any network communication to or from any IP listed in any of the blacklists will be completely blocked at the firewall. Your home computer should not be on any of these lists.
These blacklists greatly reduce the amount of malicious visitors, bot-nets, spammers, TOR exit nodes, and more.
We utilize the following IP BLOCK lists on our client web-servers:
- Spamhaus Don't Route Or Peer List (DROP)
- Spamhaus Extended DROP List (EDROP)
- DShield.org Recommended Block List
- TOR Exit Nodes List
- Alternative TOR Exit Nodes List
- BOGON list
- Project Honey Pot Directory of Dictionary Attacker IPs
- C.I. Army Malicious IP List
- BruteForceBlocker IP List
- OpenBL.org 30 day List
- Autoshun Shun List
Everything is logged!
There are many other security tweaks to our environment on the server, firewall, PHP, MySQL, etc that we simply can't go into full detail about. If you are having connectivity issues to our servers it's best you contact our support department for further assistance.
If you have any questions or concerns, please let us know!