KnownHost Security - DDoS Protection = 1 Piece of the Solution

At KnownHost, we take website security very seriously, because we know the potential losses a business can incur whenever a security breach takes place.

We start with high-end hardware and network appliances, overlay secure operating systems and software components which we then optimize to both perform and be secure.

We provide SSL certificates and integrate easy to use software like Imunify360.

But our first line of defense is in the network. Our DDoS protection intervenes, protecting your server, files, databases, and emails before they ever hit your server.

shield icon

Your Role in Protection

DDoS is a type of brute force attack designed to send a flood of requests in the hope of disrupting the normal operation of a server or web service. But there's much more to protection than just dealing with a large DDoS. Many of those things can be handled by you.

Read on to find some of the ways you can help secure your server and protect your company information.

feature icon 1

Restrict Login Attempts

There are a number of ways to stop multiple failed login attempts in quick succession, depending on which port/method is being used for the attempt. For example, with SSH it is handled by the CSF/LFD daemon installed on our VPS, Dedicated and Cloud products.

feature icon 2

Ban Users After Failed Logins

You could use Config Server Firewall (CSF), iptables or other firewall-based methods. In fact, there's a dozen or more ways to do this - the important thing is that YOU DO THIS!

feature icon 3

Monitor Log Files

The quick and easy way is to simply get to an SSH prompt and enter: less /var/log/secure or tail -f /var/log/secure then look for a series of failed logins

question icon

Should I use password-based authentication or public keys?

If you haven't implemented public keys, now is the time. Make it more difficult for system compromises with this small step-change.

question icon

How much are SSL certificates?

We have a full page about premium SSL certificates, but our high-value shared and reseller hosting plans include a free SSL certificate to get your started.

question icon

Are default ports okay?

Why make it easy for hackers? Changing the default port for SSH is an easily implemented change that adds one extra layer of protection. It should be a part of the plan - not the whole plan, though.

question icon

What things can I do to secure WordPress?

In addition to the above server level things, within WordPress you can: change the default admin username, giving admin much less permissions, password protect wp-login.php, limit access to wp-admin by IP address, deny no-referrer requests, consider blocklists - and many, many more. It pays to learn about securing WordPress, and use more than one single solution to protect yourself.

question icon

How much does DDoS protection cost each month?

It costs KnownHost an arm and a leg to build this secure infrastructure. But... We know this is critical for businesses, so we provide it as a FREE service to all of our hosting customers.

question icon

What things can I do to secure Magento?

Start with all the above, then customize the Magento path, don't use admin for administrative tasks, use strong passwords, protect the /download folder via .htaccess, enable https for admin panel, keep everything fully updated to avoid easy exploits - and many, many more. Again, it pays to learn about the many different ways, and employ more than one of them to secure your Magento installation.


Valuable insights for small to medium sized business owners, marketers, designers and site managers.

Privacy Policy