KnownHost offers complementary DDOS protection on All Managed product lines!
We offer protection up to 3 Tbps (3000 Gbps) for bandwidth and packet intensive attacks designed to take your website offline by flooding it with more traffic than it can handle. We use multiple layers of identification and filtering hardware and services to help ensure your website remains online during these attacks. See below for examples and types of attacks covered.*
Types of attacks covered:
Our DDOS protection is not intended to protect against Layer 7 or application layer attacks. Many of these can be handled at a server level by using firewalls, mod_security or locking down your website code. Some examples of items not covered under our DDOS protection are below.*
KnownHost Security - DDoS Protection.
At KnownHost, we take website security very seriously, because we know the potential losses a business can incur whenever a security breach takes place.
Your Role in Protection
DDoS is a type of brute force attack designed to send a flood of requests in the hope of disrupting the normal operation of a server or web service. But there's much more to protection than just dealing with a large DDoS. Many of those things can be handled by you. Read on to find some of the ways you can help secure your server and protect your company information.
Restrict Login Attempts
There are a number of ways to stop multiple failed login attempts in quick succession, depending on which port/method is being used for the attempt. For example, with SSH it is handled by the CSF/LFD daemon installed on our VPS, Dedicated and Cloud products.
Ban Users After Failed Logins
You could use Config Server Firewall (CSF), iptables or other firewall-based methods. In fact, there's a dozen or more ways to do this - the important thing is that YOU DO THIS!
Monitor Log Files
We can have all the best hardware and software (which we do, by the way), but what really matters is our people. We have nearly two decades of experience in the hosting industry and many of our people have been here since the beginning. They not only have the expertise to do the job right, but the drive to do it better than anyone else.
Need More Information About
If you haven't implemented public keys, now is the time. Make it more difficult for system compromises with this small step-change.
Why make it easy for hackers? Changing the default port for SSH is an easily implemented change that adds one extra layer of protection. It should be a part of the plan - not the whole plan, though.
It costs KnownHost an arm and a leg to build this secure infrastructure. But... We know this is critical for businesses, so we provide it as a FREE service to all of our hosting customers.
We have a full page about premium SSL certificates, but our high-value shared and reseller hosting plans include a free SSL certificate to get your started.
In addition to the above server level things, within WordPress you can: change the default admin username, giving admin much less permissions, password protect wp-login.php, limit access to wp-admin by IP address, deny no-referrer requests, consider blocklists - and many, many more. It pays to learn about securing WordPress, and use more than one single solution to protect yourself.
Start with all the above, then customize the Magento path, don't use admin for administrative tasks, use strong passwords, protect the /download folder via .htaccess, enable https for admin panel, keep everything fully updated to avoid easy exploits - and many, many more. Again, it pays to learn about the many different ways, and employ more than one of them to secure your Magento installation.