Top 6 security practices that helped us secure HostBill against any attack
In our role as outsourced hosting support specialists for web hosts, a major task we perform is hardening servers and other critical web hosting applications, such as the billing portal, to prevent hacking, malware infection and vulnerability exploits.
HostBill is emerging as a commonly used hosting automation tool for businesses. Since it handles sensitive customer data, securing it against exploits and attacks is vital.
Today, we’ll go through the top 6 security practices that helped us secure HostBill against any attack on our customers’ servers.
1. Secure HostBill with the latest patches
Security researchers constantly find vulnerabilities in every popular software product, and HostBill is no exception. Our 24/7 security expert team keeps a close eye on all security updates and promptly patches the software.
When a new vulnerability is found, we patch HostBill within a few minutes by:
- Applying the official patch (if available), or
- Using a web server work-around (e.g. a mod_security rule) that blocks exploitation of the vulnerability.
By applying patches quickly and keeping the software at the latest available version, we prevent an exploit from affecting the HostBill server and thus safeguard confidential customer data.
2. IP restrictions to block unauthorized access
HostBill has an admin area for managing it. Restricting access to this section is vital to prevent attackers from stealing your customer data.
Using the ‘Security Settings’ feature in HostBill, we restrict access to the admin section to the customer’s IP only and block all other IPs from reaching the admin area.
HostBill exploits usually employ common attack methods such as cross-site scripting (XSS) and code injection. We block such attacks with web application firewalls (WAFs) such as mod_security and NAXSI.
We periodically review and update the firewall rules to ensure that the restriction remains effective and up to date. Using password protection and ‘.htaccess’ rules, we keep unwanted visitors out.
3. Periodic software security audits
A common source of vulnerabilities is third-party addons and payment gateway modules. Many hosting companies opt for custom plugins to get the features specific to their business.
But over time, these addons may be left without patching or security updates, and they become an easy entry point for attackers. We prevent this by periodically scanning the whole HostBill installation and removing outdated files, directories and addons.
We also recommend using a non-public development server to test new functionality, so that unused addons never reach the live server.
4. Hardening the web server to prevent hacks
Many exploits rely on non-standard PHP functions and the availability of common server commands. So we lock down the web server so tightly that most exploits simply fail to execute. Some of these steps are:
- Disable dangerous PHP functions.
- Block non-standard ports.
- Force HTTPS with strong ciphers and 2048-bit certificates.
- Remove lax permissions (e.g. 777) from web-accessible directories.
- Prevent common PHP hacks using security patches such as Suhosin.
- Hide PHP and server versions, and disable the phpinfo() function so that attackers can’t fingerprint the server.
- Block connections from infected computers using blocklists such as the Spamhaus XBL.
- Disable script execution in the uploads directory.
We review these settings periodically to make sure they are performing as expected and are up to date with the latest hardening techniques.
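The following audit script is an added example (not HostBill’s own code or ours from the post) that checks a server for the admin-area IP restriction from section 2 and several of the PHP hardening points above: dangerous functions missing from `disable_functions`, `expose_php` left on, world-writable directories, and an uploads directory that still executes PHP. The paths, the function list and the `admin` directory name are assumptions; the sample tree it builds is constructed for the demo.

```shell
#!/bin/sh
# Added example (not HostBill's own code): audit the admin-area IP restriction
# (section 2) and the PHP hardening points of section 4. Paths and the function
# list are assumptions; adjust them for your own server layout.
DANGEROUS_FUNCS="exec passthru shell_exec system proc_open popen"   # assumed list

# Report hardening gaps in a php.ini on stderr and print the gap count.
audit_php_ini() {
    ini="$1"; gaps=0
    disabled=$(sed -n 's/^[[:space:]]*disable_functions[[:space:]]*=[[:space:]]*//p' "$ini" | tr -d ' ')
    for f in $DANGEROUS_FUNCS; do
        case ",$disabled," in
            *",$f,"*) ;;
            *) echo "GAP: $f is not in disable_functions" >&2; gaps=$((gaps + 1)) ;;
        esac
    done
    # expose_php=On advertises the PHP version in the X-Powered-By header.
    if ! grep -Eiq '^[[:space:]]*expose_php[[:space:]]*=[[:space:]]*off' "$ini"; then
        echo "GAP: expose_php is not Off" >&2; gaps=$((gaps + 1))
    fi
    echo "$gaps"
}
# Print how many world-writable (e.g. 777) directories sit under a web root.
count_world_writable() {
    find "$1" -type d -perm -0002 | wc -l | tr -d ' '
}
# True when a directory's .htaccess turns the PHP engine off (for uploads dirs).
script_exec_blocked() {
    [ -f "$1/.htaccess" ] && grep -Eiq 'php_flag[[:space:]]+engine[[:space:]]+off' "$1/.htaccess"
}
# True when the admin directory's .htaccess limits access to listed IPs.
admin_ip_restricted() {
    [ -f "$1/.htaccess" ] &&
        grep -Eiq '^[[:space:]]*(Require[[:space:]]+ip|Allow[[:space:]]+from)[[:space:]]+[0-9]' "$1/.htaccess"
}
# Constructed sample tree so the audit runs offline; 203.0.113.10 is a documentation IP.
demo() {
    d=$(mktemp -d)
    printf 'expose_php = On\ndisable_functions = exec,system\n' > "$d/php.ini"
    mkdir -p "$d/www/uploads" "$d/www/admin" "$d/www/cache"
    chmod 0755 "$d/www" "$d/www/uploads" "$d/www/admin"; chmod 0777 "$d/www/cache"
    printf 'Require ip 203.0.113.10\n' > "$d/www/admin/.htaccess"
    echo "php.ini gaps: $(audit_php_ini "$d/php.ini")"            # 5
    echo "world-writable dirs: $(count_world_writable "$d/www")"  # 1
    script_exec_blocked "$d/www/uploads" || echo "uploads: script execution is NOT blocked"
    admin_ip_restricted "$d/www/admin" && echo "admin: restricted to listed IPs"
    rm -rf "$d"
}
demo
```

On a real host, point `audit_php_ini` at the php.ini your web server actually loads and the directory checks at the live document root; the GAP lines on stderr are the items to fix.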
5. 24/7 security monitoring to detect attacks
Despite all these precautions, someone might still get through the defenses, which is why we monitor the server round the clock for anomalous events.
Some major parameters that we monitor include:
- Network traffic
- File system changes (e.g. file uploads)
- Non-standard execution (e.g. a process created by an unknown script)
- Privileged file access (e.g. an attempt to read /etc/passwd)
At the slightest hint of an issue, we quickly get into the server, investigate the event, and if it’s indeed an attack, we mount additional defenses quickly so that HostBill remains secure.
6. Configuring secure methods for access restriction
Multi-layered security means that if one layer fails, another blocks the attack. By setting strong passwords and a two-step authentication process, we restrict unauthorized access attempts to the software.
By renaming the admin folder, we blunt brute force attacks, password guessers and similar threats to HostBill. We also configure a login notification system so that we are alerted immediately if someone gains access.
We move HostBill’s sensitive ‘attachments’, ‘downloads’ and ‘templates_c’ folders outside the public directory to secure them. The HostBill config file is likewise stored securely.
To add on...
Now, what if everything fails and an attack happens? We take backups of the database and HostBill files every day. Then we periodically conduct backup restore drills to make sure:
- The backups are indeed working (that is, the database and files are not corrupted).
- That we can restore the backups within a few minutes.
We store the backups in a secure off-site location that is separate from the HostBill network, so that an infected server cannot reach them automatically.
If you’d like to know how we can help you secure your business by ensuring stable server software along with efficient customer support services, we’d be happy to talk to you.