Today’s hackers are widening the scope of their threats and causing deeper, more harmful impacts. We all need our platforms safe if we want to stay in business. However, organizations tend to cut costs by not hiring full-time security analysts and taking a DIY approach instead, which opens up a can of risks.
Since software, and the attacks it is exposed to, are always evolving, it’s impossible to keep security policies relevant and reliable. The result is compromised websites, unmaintainable systems, a floundering reputation and, ultimately, plunging profits.
Common Characteristics of Cyber Crime Today
According to many security experts, this is what today’s cyber crime landscape looks like:
- Scale: Through automation, hacking attempts are now much broader in their attack surface and more prolonged in their duration.
- Knowledge: Hackers take advantage of dedicated communication channels to share vulnerability information. Many vulnerabilities are unknown to both the software vendors and the website owners.
- Adaptability: Hacking tools and techniques evolve faster than the defenses designed to protect against them. Hackers are also customizing attacks for specific website platforms, exploiting specific vulnerabilities.
- Cost: Hacker communities don’t just steal a company’s data and hijack their resources. They also adopt a company’s corporate mindset and try to lower hacking costs and risks.
If we want to avoid making cybersecurity a full-time fight, we need defense strategies that directly address the above factors.
Layered Security: The Suggested CloudLinux Strategy
What CloudLinux wanted was to regain control of security and make it manageable for Linux hosters and website owners. That meant discarding previous failed strategies and replacing them with more effective tactics, better suited to battle these new hacking trends.
With layered security, a stack of security components protects against different vectors of attack with specialized software modules. Together, they implement a more effective ‘security funnel’.
Why Layered Security?
Modern security solutions use this multi-layer model because of its wide coverage and the fact that it’s adaptive. System operators can individually fine-tune each layer according to their profile, server specs and compliance needs. Meanwhile, website operators no longer need to constantly reevaluate their security defense posture and upgrade their cybersecurity suite. Instead, they can use their time and money to further develop their businesses and meet their customers’ needs.
Imunify360 in Plesk: Key features & Updates
Imunify360 is a scalable solution with a cybersecurity approach that builds on the industry’s solid and reliable components and protocols. Its technologies improve detection rates, simplify management, and offer opportunities to enhance revenues for hosters and web professionals. Here’s a run-down of the key Imunify360 components.
1. Firewall / WAF
The firewall builds on the strength and reliability of ModSecurity and OSSEC, enhanced by human and machine-learned rules. There’s automated IP block list management to ease your workload, regardless of how many addresses there are. Individual IP address blocking uses the familiar allow/deny lists model, extended by a gray list where blocked IPs go.
The system only unblocks gray IPs when a human visitor over HTTP/HTTPS passes a CAPTCHA, thus whitelisting them. However, only admins can manually add entries to a local gray list, reducing false positives and unblock requests for support.
Bulk setting large numbers of IPs is quick and painless. To defend against brute-force attacks, Imunify360 adds to OSSEC’s Active Response, which can even detect specific ports under attack and block them.
2. Intrusion Detection Systems (IDS) & Intrusion Protection Systems (IPS)
These security components inspect traffic for signs of malicious intent, stopping it at the source before it can do harm. Imunify360 uses its unique Proactive Defense to scan PHP for malicious code via de-obfuscation and behavior-analysis techniques, in order to work out which requests are authentic while keeping false positive rates as low as possible.
In the case of malware, Blamer traces the source and method of infiltration. Eventually, armed with this information, Imunify360 will become even more effective at blocking attacks.
Imunify360/ImunifyAV automatically or manually scans new, modified, and uploaded files for malware and viruses – for free. Then, you can choose to automatically delete, quarantine or get a warning about malicious content. You’ll be able to perform scheduled scans in the upcoming Imunify360 4.1 version. ImunifyAV+ (premium) also includes one-click cleanup.
4. Patch Management
The main cause of security breaches is outdated software. In fact, unpatched vulnerabilities in software packages leave servers wide open, so you have to patch them as soon as possible. However, this takes time and effort, and patches often need a system restart to activate, which could cause service interruptions.
Imunify360 actually solves this. Firstly, with HardenedPHP, which patches new vulnerabilities and lets you safely run apps on older, unsupported PHP versions. Secondly, with KernelCare, which automatically patches Linux kernels “live”, without rebooting and downtime. This is essential, since the kernel is the most important part of a Linux system, handling core functionality which all other apps rely on.
5. Reputation Management
When a website is the victim of an attack, Google Safe Browsing blocks it, and you lose traffic and revenue because the site is not indexed anymore. This Imunify360 feature informs you of the Google block and helps you unblock and restore the site.
6. Backup and Restore
File backup brings you peace of mind because of its ability to help you recover from malware infection. A backup/restore feature like the one in Imunify360 (Acronis or CloudLinux) quickly restores your files to their pristine condition.
Fighting cybercrime together
The role of Linux servers has grown as a result of e-commerce growth in the last decade. But cybercrime has grown in parallel, and its sophistication and reach put legitimate business operations in danger. The only solution is fighting fire with fire: use the same tools hackers are using. Get Linux server protection that is complete and dynamic.