KnownHost offers complementary DDOS protection on all Managed VPS, Cloud VPS, Reseller and Shared Hosting, plus Managed WordPress and Dedicated Server product lines!
We offer protection up to 500gbps and 700mpps for bandwidth and packet intensive attacks designed to take your website offline by flooding it with more traffic than it can handle. We use multiple layers of identification and filtering hardware and services to help ensure your website remains online during these attacks. See below for examples and types of attacks covered.*
Types of attacks covered:
Volume Based Attacks
Fragmented Packet Attacks
Our DDOS protection is not intended to protect against Layer 7 or application layer attacks. Many of these can be handled at a server level by using firewalls, mod_security or locking down your website code. Some examples of items not covered under our DDOS protection are below.*
Brute force login attacks
Email / Spam Floods
IPv6 Null Route Only
Low level HTTP traffic floods
At KnownHost, we take website security very seriously, because we know the potential losses a business can incur whenever a security breach takes place.
DDoS is a type of brute force attack designed to send a flood of requests in the hope of disrupting the normal operation of a server or web service. But there's much more to protection than just dealing with a large DDoS. Many of those things can be handled by you.
Read on to find some of the ways you can help secure your server and protect your company information.
There are a number of ways to stop multiple failed login attempts in quick succession, depending on which port/method is being used for the attempt. For example, with SSH it is handled by the CSF/LFD daemon installed on our VPS, Dedicated and Cloud products.
You could use Config Server Firewall (CSF), iptables or other firewall-based methods. In fact, there's a dozen or more ways to do this - the important thing is that YOU DO THIS!
The quick and easy way is to simply get to an SSH prompt and enter: less /var/log/secure or tail -f /var/log/secure then look for a series of failed logins
If you haven't implemented public keys, now is the time. Make it more difficult for system compromises with this small step-change.
We have a full page about premium SSL certificates, but our high-value shared and reseller hosting plans include a free SSL certificate to get your started.
Why make it easy for hackers? Changing the default port for SSH is an easily implemented change that adds one extra layer of protection. It should be a part of the plan - not the whole plan, though.
In addition to the above server level things, within WordPress you can: change the default admin username, giving admin much less permissions, password protect wp-login.php, limit access to wp-admin by IP address, deny no-referrer requests, consider blocklists - and many, many more. It pays to learn about securing WordPress, and use more than one single solution to protect yourself.
It costs KnownHost an arm and a leg to build this secure infrastructure. But... We know this is critical for businesses, so we provide it as a FREE service to all of our hosting customers.
Start with all the above, then customize the Magento path, don't use admin for administrative tasks, use strong passwords, protect the /download folder via .htaccess, enable https for admin panel, keep everything fully updated to avoid easy exploits - and many, many more. Again, it pays to learn about the many different ways, and employ more than one of them to secure your Magento installation.