Shared Hosting and Hacked Websites
Even the most secure host server could be vulnerable to malware. Research shows that the most well-known biggest host providers can be vulnerable to common cyber-attacks. In a shared hosting environment, WordPress is the dominant content management system (CMS) installed on customer websites. It also accounts for 90% of sites hacked every year. Most hacked content comes from vulnerable themes and plugins, but site owners are unaware of risks associated with third-party code and the importance of updating and patching software.
The trouble of chasing hacked sites in a shared environment is that some responsibility is left to the customer to keep their software updated and take the necessary steps to stop malware. Site owners don’t have the experience and knowledge to block attacks, which leaves them vulnerable. For example, many site owners leave their WordPress software outdated including plugins. Outdated software is one of the OWASP Top 10 for threat agents and has a high impact on the chance for a site to get hacked eventually. If site owners do not log into their sites occasionally to update software, the WordPress plugins and core software are left vulnerable to the latest exploits.
A hacked site can host a myriad of malicious content including backdoors, executables, trojans, phishing pages, and spam mailers. Since a shared host provider has potentially thousands of sites on one server, numerous hacked sites could affect performance from overutilization of compromised site requests. Poor performance on a shared host server results in customer loss, a poor reputation, and revenue loss. It’s essential for administrators to find automated means to monitor and remove malware from hacked sites.
InterServer.net looked to Imunify360 to monitor for malware and CloudLinux OS to harden security. Both products quickly became a fan favorite among support technicians and their CTO as a way to provide fast customer service while still hardening security across physical servers. In addition, InterServer.net used KernelCare to update the operating system without requiring a reboot. Because they no longer needed to reboot servers after updates, InterServer.net could avoid complications associated with rebooting servers.
When searching for cybersecurity solutions, InterServer.net looked for a malware solution in Imunify360 and a security hardening system in CloudLinux OS. Combined, these two services lowered incidents of hacked sites. In addition to CloudLinux OS and Imunify360, KernelCare became a favorite within the business for updating and patching the Linux kernel without requiring a server reboot. With these three services, InterServer.net could automate cybersecurity and kernel patching, saving technicians and administrators overhead and time.
The CloudLinux, Imunify360, and KernelCare team became a partnership with InterServer.net. It’s this partnership that kept InterServer.net growing internally and expanding CloudLinux products across their environment. They also found that the Imunify360 team was always available for support, and they could work together to resolve issues. It’s this support and service that continues to be one of the major factors in InterServer.net’s continual loyalty to all three CloudLinux products.
Shared Hosting Support Technicians Face Increased Frustrations Without Security Automation
Without automation, hosting providers are stuck finding manual ways to mitigate and remove malware. In a shared environment, this isn’t an efficient solution or manageable for server technicians. Just like InterServer.net needed a more efficient way to monitor and block malware, shared hosting providers that use manual methods are not leveraging the tools necessary to free up technician time and protect server resources from malware.
Lack of automation can cause several issues and creates unnecessary overhead for support technicians. A shared hosting provider that does not introduce security monitoring can face:
Manual management of security solutions. Manually managing cybersecurity requires extensive time, consumes resources unnecessarily, and introduces a higher chance of human error. Human errors can lead to catastrophic mistakes leading to critical downtime and data breaches. It’s estimated that human errors account for 60% of data breaches. As an example, Capital One Financial Corporation misconfigured security features on their web application firewall allowing an attacker to exfiltrate 100 million customer records. The data breach is still one of the biggest to date.
Imunify360 has several automation features including a web application firewall that stops malicious requests. It contains a command-line interface to configure it’s features, but it also works effectively out-of-the-box with little implementation effort. Administrators can work with advanced controls using the command-line interface, API, incident management and overall configurations of the security suite.
In addition to convenience and better support, Imunify360 takes care of much of the security associated with shared hosting servers and the hacked sites that use critical resources. It helps support technicians who might not be familiar with the latest cyber-attacks to better mitigate and eradicate threats from the server allowing them to focus on other critical maintenance.
Try Imunify360 Security suite for free for 14-days and forget about malware on the server.
When Linux antivirus lets you down: How to remove malware from a website manually
Why Malware on Your Website Should Never Be Ignored
What to do if your website is blacklisted
Frequently Asked Questions
What is Imunify360?
Imunify360 is a comprehensive security suite for linux web-servers. Antivirus, Firewall, WAF, PHP Security Layer, Patch Management, Domain Reputation with easy UI and advanced automation. Find out more about Imunify360 and how it works here.
What systems do you support?
We support all the popular systems CloudLinux OS 6,7,8, Ubuntu 16,18, CentOS 6,7,8, Debian 7,8,9,10, RHEL 6,7,8
What panels do you support?
We have a simple installation at any of these panels – cPanel & WHM, Direct Admin and Plesk.
What should I do if I do not have a hosting panel?
Imunify360 offers Stand-alone installation. The detailed instructions are available here.
How can I test Imunify360?
You could explore Imunify360’s all set of features free for 14 days on an unlimited number of servers. No credit card information required. After the trial period is over, you can purchase an Imunify360 license via CloudLinux Network (CLN) by logging in to cln.cloudlinux.com.
How do I get started with Imunify360?
Our Getting Started guide will guide you through all the steps of the installation process and help you explore all features of Imunify360.
What is the price of Imunify360?
The pricing of Imunify360 starts at 6 USD /mo. You can find more information about pricing here.
How to become a partner or reseller?
We have created this handy Partner Guide to help you effectively promote Imunify360 to your Shared and VPS customers and accelerate your sales. You can learn more about the Imunify360 partner program here.
Where to find Imunify360’s documentation?
You can find all technical documentation about Imunify360 here.
Introduction to Imunify360