We’re happy to announce we’ve just finished deployment of Imunify360 to all our shared, reseller and semi dedicated hosting servers. Imunify360 is the latest innovative software by CloudLinux that enhances security significantly for linux web servers. It brings many tools for our system administrators but also significant improvements to the potential security of all accounts on our servers. It introduces an advanced firewall, smart intrusion detection system, malware scanning and has many other great features planned.
The advance firewall takes what our servers already do and enhances it by utilizing herd immunity and artificial intelligence to detect new threats. It’s capable of detecting brute force attacks, DoS attacks, port scans and other types of attacks on our systems. Upon detecting these types of attacks it’s capable of not only blocking them but preventing other systems from even encountering the type of attack at all going forward.
Previously when an IP address of a potential visitor is blocked they’d simply be unable to access your website. This can be a problem as ISPs change the IP addresses of end users meaning a user could potentially get a dirty IP address from their ISP and be blocked across the internet. Not on our servers however, if a users IP was previously involved in malicious activity they’ll be greeted by a captcha to prove they’re a real visitor. Upon answering the captcha they’ll be allowed on your site and no longer will be blocked. This reduces the rate of false positives and makes sure that no matter who the user is if they are visiting your website for legitimate reasons they can reach it.
Intrusion Detection and Protection System
Imunify360 introduces not only an intrusion detection system but an intrusion prevention system as well. The intrusion prevention system utilizes the global network to help block IP addresses previously involved in attacks so they’re not even given the chance to attempt an attack. The intrusion detection system scans our servers for attacks and bans the IP addresses on not only the server that came under attack but it also reports the activity back to our central database so that our entire network of servers can be protected.
We’ve been capable of detecting malware on user accounts for some time so this is not something new for our users. Imunify360 however has the potential to significantly improve the capability and improve detection rates as well the usability of such a feature for our customers.
While this is a feature more catered towards our systems administrators it is still worth noting. We already use the KernelCare product of CloudLinux which is of course a feature of the Imunify360 security product. Their road map however intends on introducing additional features such as LibCare which will help patch our systems against Glibc vulnerabilities. This will mean even fewer reboots of our systems and more uptime for your sites!
Web Application Sandboxing
This feature is not yet available but it’s worth pointing out as it’s very exciting and should be available soon! The majority of user applications are similar and we know what WordPress, Drupal, Joomla, etc. should look like. With the safety of sandboxes we will be able to prevent a hacker from injecting malware or defacing your site even if they’re coming from an IP address previously not involved in attacks.
Opting Out of Imunify360
We understand that not everyone wants the protection mechanisms of malware scanning, mod_security and now Imunify360. The good news is development has started on the ability to opt out of Imunify360 protection of your web site. When this becomes available on all our servers it will of course be announced.