Thursday, October 19, 2017
Client Central > Announcements > Is Hacking/SQL Injection attempt possible at CentrioHost Server?
Did you see the "Malware Control" + "Spam Guard" logo in our CentrioHost.com homepage? Everyday we get numerous queries how centriohost.com is offering this Malware Control, SQL Injection protection, Spam guard etc. With your previous hosting provider SQL Injection happens frequently with backdated WordPress, Joomla, Opencart or, other Scripts/CMS. So how those hosting provider handle these? They suspend your account, disable the access to that script or, set a password protection for the folder where the script is hosted etc. In worst case scenario, they just permanently suspend or, terminate your primary account for repeated violation. Nightmare, isn’t it? This issue may be a common phenomenon with other hosting provider but is hacking is an option at CentrioHost? Let see...
So today I would like to say how CentrioHost handle these 3 things:
1. Malware/Virus Control.
2. SPAM Guard.
3. SQL injection protection, SYMLINK bypass protection etc.
Did you ever try to do a SQL Injection attempt to your server with us (CENTRIOHOST) by yourself? If you don't do it yourself, let's have a try now. Before that we suggest you to keep a secondary Internet connection (With a new IP Address) or, a VPN support on hand. Because that one you may require to unblock your main IP address from our firewall.
1. SQL injection is the placement of malicious code in SQL statements, via web page input. Hackers always try to inject some codes in your script's weak area. Generally they will fail. Because our customized 3600+ Mod Security rules will protect your script like bad ass. When hackers try multiple times (Up to 10) for sql injection attempt failure, their IP get blacklisted on our system.
2. If they succeed to come up with new type of sql injection code which does not cover by our customized MOD SECURTY rules, they will try to upload SHELL files (.php/.sh/,pl) to hack your website. As soon they are trying to attempt this step, within few NANO SECONDS their IP address get blocked on our system and files upload process automatically rejected from our customized PHP Guard. Hackers can't upload any shell files through your script and they can't hack your website! NOT-AT-ALL :)
3. What if some user have an existing hosting from us and try to hack the script or, server by himself? The user can create/upload Shell files and upload it on our server through File Manager or, FTP client and try to access it. As soon any shell files are accessed they can view their cpanel files only like a FILE Manager not other cPanels data hosted on the server. Because all CentrioHost servers having KERNEL LEVEL SYMLINK PROTECTION. When they try to press any button for port-scan/sym/shell/bypass/etc. (These options are created by hackers for shell hacking scripts), the script get locked automatically and System Administration get mail instantly with the EXACT PATH where the SHELL hacking file is uploaded. And we are going to delete it :) So being our customer you can’t hack yourself too!
4. Hackers can't upload any VIRUS/Ransomware/Malware files through your script. If you run any Customer Management Portal, your visitor can send you some attachment, right? If you host File Sharing Script, visitor can upload files on the server. If they are trying to upload any VIRUS/Ransomware/Malware they will see ACCESS DENIED error on the browser and within 1 second the IP address get blocked on the server. Again that malicious file will not even not exists on our server for a second.
5. We instantly scan each and every uploaded and accessed/modified files in REALTIME basis. Even when you are trying upload a post and attach an image/media, upload a theme or, plugins in your wordpress, its instantly checked and we do it for every file types. When any virus, malware, shell files found they get deleted automatically and uploader IP address get banned. Hackers can’t upload any .php/.sh/.pl files which ensure your script safety, security and protection at first place.
6. We also scan mails incoming/outgoing instantly for virus and malware. So if hackers trying to send you any virus/ransomware in attachment, these attachment will get deleted. Unless they are trying to send URLs instead of attachment and you are accidently click on those links!
7. Since hackers can’t hack your website, there is not a chance to do EMAIL SPAMMING through your script. Even hackers can't upload a single phishing page to your website. A common hacking technique faced with other hosting providers is "index.php or, index.html" replacement. But you never face this with CentrioHsot.com servers. No matter how much older/backdated your script was, but hackers will get their IP blocked and their all attempt will fail instantly when they are trying to do these!
8. We also use 3rd party IP reputation control system to receive incoming traffics from good source only. Which means spammers, bad bots can’t access to your domain. Which ensure almost ZERO spam with WordPress or, other scripts comments spamming and spambots automated USER registration process.
So this is why CentrioHost.com is different from all. Your script is hardcoded and protected when you host your service with CentrioHost.com Server. No more suspension, huh!