How to Secure your CMS ?

How to Secure your CMS ?

by | Jun 11, 2020 | Others

As of 2020, the majority of internet traffic comes from automated sources such as hacking tools, spammers, impersonators and bots. Keeping your website safe and secure from hackers is a constant process. The more you neglect the security of your website, the more likely your website and business will suffer. We, humans, look at its easy way to get things done, therefore the majority of the websites are built through CMS.

A content management system(CMS) is application software that helps users create, manage and modify content on a website without the need for particular technical ability. Imagine starting a podcast of your own or setting up a website that can easily manage your content and the context.

WordPress, Drupal, Magento and Joomla are some of the most popular content management systems used. The four open-source CMS’s I mentioned are software source code that anyone can test, modify and improve.

Open-source software is like two sides of the coin. On the one side, open-source software allows people the option to match their specific needs and preferences, and everyone can see what this is doing behind the scenes. On the other side, people with bad intentions can study and search for publicly available source code until they find a bug, weakness, defect, or feature for abusing activities.

When using a CMS, you need to keep an eye out for updates, especially the ones that are popular. Apply them according to your sense of duty, and be sure to do it quickly if the updates are intended to fix a published vulnerability. Website hijackers will make sure they are aware of the latest vulnerabilities and will follow any non-patched site.

In 2019 alone, more than 20 million CMS users have experienced security breaches. About 79.6% of well-known websites managed using WordPress, the most widely used CMS, contain vulnerabilities that can be exploited by standard attacks.

Here I am going to provide you with some mastery, to keep your website safe and protected.

Ways to tighten your CMS website security

Enable Two Factor Authentication
This is a great way to protect your website accounts. In addition to providing a password to your account, you will also need to provide an additional code that you will need to create with a personal device.

Restrict the number of login attempts
Controlling the number of login attempts will eliminate brutal force, as well as reduce the risk of hackers and bots gaining access to the system.

Install verified plugins, themes and extensions 
Before installing any web-components(plugins, themes etc..) to your website, think about what the downfalls of the web-components are versus the benefits. Only download web-components from well-rated developers in the community to avoid the risk of malware. Check for updates on the web-components authoritative websites and see how long ago the developer has patched any security issues.

Use a Firewall/WAF
The server hosting your website uses the rest of the untrusted internet to connect to your online files. Going unsafe will led to the website allows to potential viruses. So it’s important to use a firewall on the hosting server. The firewall acts as an additional layer of security to prevent this kind of harm and is useful for tracking suspicious activity

Keep website up-to-date
The CMS website and all web-content related to the websites need to be updated at regular intervals whenever an update is available. Developers often come up with solutions and upgrades that include new security solutions that ensure the website stays away from abusing/phishing etc…

Install an SSL Certificate
Add SSL certificate to enhance the website’s security layers, the SSL certificate is a bit code on the server that provides security between online communications. When a web browser server connects to a secure website, the SSL certificate establishes an encrypted connection.

Monitor your website
If someone injects malicious code into your website, it may interfere with your website’s downtime. However, website monitoring can quickly get you to this problem. It notifies webmasters via text and email at regular intervals.

Scan your local PC
Always, recommended scanning your local computer on a regular basis. Since you are connecting your website back-end from your local PC for activities download the files online or install the executable files, which may seem reliable but come with viruses. Some people can steal your website’s logins and inject malicious files into your website. It is important to perform an in-depth scan of your machine regularly with powerful and reputable antivirus software.

Change your passwords
Increase password strength by changing passwords frequently with special characters and other unique sequences. Changing passwords often oppose details that a hacker might record. Changing passwords means that even if a person has access to your account, they won’t be able to keep track of it for long. Therefore, it is best to change passwords once a week to make your website safer.

How cPGuard can help to protect CMS on your shared servers?

1. cPGuard automatic scanner will scan all the files under each account and thus prevents installing any bad code into the website
2. The WAF module protects the websites from all generic and known web exploits
3. The domain reputation monitoring will help to make sure that there is no harmful contents in your website
4. The brute-force and Captcha modules will stop brute-force attacks against the websites
5. Promptly alert the end-user about the latest attacks through the control panel end-user UI so that they can take proactive actions


Please check https://www.opsshield.com/cpguard-features/ for more details or contact our team to know more…

How cPGuard will help to reduce your admin time?

How cPGuard will help to reduce your admin time?

by | May 14, 2020 | Others

From the release to the latest version, we have released more features out for making the customers to reduce their time for hardening their server security.

The most adorable feature of cPGuard is lightweight as a feather, as you know when feathers grow, they mature into powerful branches of the server. Usually, a security plugin consumes more resources which will cause more problems for the other service running on the server and the admin should need to kill the process manually and start the service again, which will make them more time to work on. Another issue will be the disk usage consumption for the logs created by the plugin and this needs to be cleared out or cropped out in certain intervals. In the case of cPGuard, we have made an efficient algorithm to reduce all these concerns.

The other advantages of using cPGuard which save admin time are below.

  • User Friendly

Simple and Powerful Interface, Easily view all the information and make informed decisions and take fast action from our detailed reports. We have both the admin level and end-user level UI using which you can get all information about your account and run a manual scan on demand

  • Less Spamming

Eliminate up to 90% of incoming spam emails using SRBL, which is a clever RBL based system to reduce emails from known spam sources.

  • Low load spikes on the server

Prevents large scale attacks using Real-time Intrusion protection and reCAPTCHA protection made with Mod-security plus cPGuard WAF. Our Captcha based brute-force protection is one of the unique solutions in the market and stops 99.99% of such attacks.

  • Less hacked websites

We constantly update our scanner engine and rules to catch all latest threats, Our WAF is quite powerful to catch all generic attacks which makes your websites less vulnerable to common attacks. Also the cloud-based Auto Clean system which will automatically send infected files to our cloud-based analysis engine and push a cleaned file back to the server.

  • Less resource

Our powerful smart analytics are carefully designed to have the least consumption on your server performance.

  • Fewer User Complaints

Fewer bugs with continuous integration and works seamlessly with the server environment.

Our engineers are working more on the cPGuard core to develop more security features for tightening the security on the servers.

The most compelling part is customer satisfaction; 99% of our customers are happy with our product/service and we have fewer user complaints. We listen, understand, and learn their situation to resolve their server related security issues. So all our customers have a better experience with our services.

  • You have some suggestions to improve cPGuard?

Sure we love to talk to you, get your feedback, and act on it. You can contact our support team any time and we will handle each of the feedback that we receive seriously.

How cPGuard uses reCaptcha to stop brute-force attacks

How cPGuard uses reCaptcha to stop brute-force attacks

by | Mar 23, 2020 | Others

One of our main customer’s issue is that they are getting abusive traffic to their Website/CMS admin login page and most of the time they are noticing load spikes on their account due to this, on checking the logs they could only realize that most of this requests are generated by robots.

So we are happy to introduce cPGuard reCAPTCHA protection help you find bad traffic on your website without any user conflicts. It gives you a score based on your interactions with your website and gives you more flexibility to take appropriate actions. It uses advanced risk analysis techniques to separate humans & bots and It does this while letting your valid users pass through with ease. In simple words, reCAPTCHAs are designed to prevent automated bots, while reCAPTCHAs are themselves automated and are programmed to pop up at certain places on a website and automatically pass or fail users.

cPGuard reCAPTCHA protection regularly updates its system, and so the spammers also need to update their decoding methods regularly, which can frustrate abusers.?

Now let’s talk about its working, cPGuard reCAPTCHA uses the algorithm assumes you are a human being, it will validate the reCaptcha without further action on your part. If not, it will provide a set of images that you need to sort before continuing.

Looking into this scenario, you are opening a website on any browser which reCaptcha is enabled. Well, this is the same thing – it doesn’t have a checkbox. You will see the field like below GIF Image. If it thinks that you are not a human, as with traditional reCaptcha, sometimes an additional challenge may appear, but with invisible recapture, this happens when you submit the form (the submission sends out once the image test is validated) when you tick the checkbox.

When it identifies that you are not a robot, it sends over an HTTP request with the whole bunch of useful information things like

  • Your IP Address
  • Your country
  • Timestamp

All of these criteria are processed by Machine Learning Risk Analysis, and often the information can tell the difference between a human and a bot, but a small percentage of users often complete an additional challenge if the risk analysis engine is still unsure.

That’s where image recognition cPGuard reCaptcha comes in. If you prove that you are human in this way, then the engine is likely to be remembered and you can go through these things the next time you click on that checkbox.

The main feature of cPguard reCAPTCHA protection is to prevent Brute force attack and this is optional and can enable it on WHM >> cPGuard >> Settings >> WAF page

Brute force attack is a process that involves repeated and repeated attempts to get into a website with various password combinations. Hackers try out different combinations of usernames and passwords until they log in. For their attack, hackers use bots or mechanical tools. Most of the brute force attacks are common against popular CMS platforms like WordPress, Joomla, etc..

Once you enable reCAPTCHA protection in cPGuard, they identify the request which is legitimate and bad ones at the HTTP(Webserver) proportionate and redirect the bad traffic to the Captcha page. This protection algorithm is made with Modsecurity plus cPguard WAF enabled.

The protection works like if the system notice unexpected number of POST requests from a certain IP addresses towards the CMS login page, they requests will be forced to the Captcha page to make sure the requests are legitimate or not. Once verification is completed, the IP address with the genuine request will be allowed in the system and next time they can deliver the traffic without Captcha verification and the other lousy traffic from the IP address will be considered a DoS attack and will the IP address in the ConfigServer Security & Firewall (CSF).

Also, we(cPGuard) have a central blacklisting system which analyzes the whole traffic to the websites and the system sort down the bad traffic from the same and forwards the genuine request to the website after verification. The detected IP’s which are used for bad traffic is added to our central database using a 30-day grace period and if the request comes back from the detected IP’s, it will be redirected to verify the Captcha to continue to the website!

Technology & Development partnership with Malware.Expert

Technology & Development partnership with Malware.Expert

by | Feb 13, 2020 | CPGUARD

Malware.Expert a leading provider well-known for Commercial WAF rules, ClamAV Signatures for PHP and for many other projects under their hood announcing its technology/development partnership with OpsShield, an Indian based development and server management company offering security suite for cPanel servers and other security/management solutions for Linux servers. “We are very excited to join the cPGuard development team and to work with them on their continued effort to make cPGuard the best. Our team in Scandinavia will work closely with OpsShield engineers in each phase of the product development and testing to make sure that the software released will ensure the best result. We hope to bring in our efforts to enhance the scanner engine and virus database module integrated in cPGuard” – said CEO of Malware. Expert

“It is the best news that we can pass to our customers after our initial integration with Malware.Expert WAF in cPGuard. We are getting a very nice response regarding the WAF module and we hope the very same positive vibes can be added by Malware.Expert in other cPGuard modules as well. With our mutual agreement in development and technology sharing, we also can help to contribute to their open/free projects and thus boost the open-source projects. With the new partnership, we hope to see nice improvements in cPGuard core modules in upcoming releases” – said OpsShield CEO Mrs: Kala Karun

OpsShield is now protecting hundreds of cPanel/Linux servers with their security suite cPGuard. In the future, the cooperation will work on cPGuard enhancements, prepare cPGuard to support multiple control panels and other exciting projects like a cloud-based e-mail scanner. OpsShield is now protecting hundreds of cPanel/Linux servers with their security suite cPGuard. In future technology, the cooperation will work on cPGuard enhancements, prepare to offer security to support multiple control panels and other exciting projects like a cloud-based e-mail scanner. Please feel free to contact us if you would like to hear anything more about this.

Free malware scanner for cPanel

Free malware scanner for cPanel

by | Feb 12, 2020 | Most Popular

Scanning files for bad content is often required for server admins when they detect unusual activities under an account. On systems like  a shared server, this happens quite often because the applications installed under various account may leave security holes which let attackers to exploit them and abuse the account privileges. Here I would like to introduce you a few tools which you can use the scan the files without any charges.

ClamAV

ClamAV is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats and most popular free scanner solution in cPanel world. ClamAV is released under GNU GPLv2 license and maintained by an active group of developers and community members. ClamAV is very versatile and available for multiple platforms like Linux, Windows, FreeBSD, etc and provides options to enable integration easily using LibClamAV. Along with Web files scanning, it is also well known to scan emails for spam and end-point security.

You can use ClamAV’s command-line tool to scan files on your cPanel server. It provides various option to enhance the scanning including the option to add your custom virus databases. There are plenty of providers who use this flexible utility along with their signature database. It is fairly easy to create the virus signatures using ClamAV’s ‘sigtool‘ utility and with various combinations, you can create very powerful virus signatures. You can either use the command-line option to add an additional database or can specify the URL to download signature in the freshclam configuration file. You can use Malware.Expert virus signatures with ClamAV and it can generate excellent results in file scanning. Please refer LINK to read more about all available command-line scanner options.

cPGuard takes advantage of the LibClamAV library to perform signature based scanning. Instead of following the legacy method, we customize the scan method to generate less Memory/CPU foot-print and excellent result.

Maldet

Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license and managed by R-fx Networks. This has been available for some time and quite popular to scan files for viruses/malware. Though there is no GUI available for MalDet, it has very powerful commandline utility and it can work with other control panles
as well. This is also using the signature based scanning method in its core and takes advantage of ClamAV if its available. It can be used for manual scanning and provides options to automate the scanner either using a cron job or using the inotify deamon. The configuration available is quite flexible and can enable auto-quarantine, enable e-mail alerts, clean infected files, etc.

also provides configuration to enable ModSec level file scanning during file uploads which is quite useful in many occassions. With its configurable auto-scanning, auto-quarantine and email alert options, MalDet helps server admins to make sure that the files updated are scanned and an action is performed against the detected bad files. MalDet is more powerful along with Malware.Expert virus signatures and you can see noticeable improvements in the file detection rate.

Malware Expert’s Malware Scanner and Removal Tool

Malware Expert is an innovative company which is offering solutions for web hosting server security. It provides various solutions to secure Web traffic using MOdSec rules, reduce brute-force attacks and spam emails using various RBL system, etc. Malware Scanner and Removal Tool is one of the latest solution from them and it is completely free of charge to use on your servers. This tools also use the ClamAV signature scanning engine in its core to scan files. It provides option to scan your directory and automatically clean the infected files. This is a very handy tool to scan your web files and with their custom ClamAV signatures, provides excellent results and can detect major kind of bad PHP files.

This does not provide an option to automate the scanner. But using a simple shell script, you can write a script to automate the scanner and schedule it using a cron job.

Conclusion

The free solutions are a good start to learn and test your scan/analysis skills. Though the free solutions cannot provide you instant files upload scanner and there will be no instant support offered from the developers. You can check the cPGuard security plugin which provides various methods to secure your cPanel server.