All of us want a safe web hosting experience, especially if our business and confidential information is being regularly transacted. We often take it for granted that we are being protected by our web hosts security mechanisms. But have you ever stopped and wondered what all threats are you insulated from? This article points out the number of threats that are being fought by your web hosting provider on a daily basis, to secure your website and emails.
While this may seem quite common, you may surprised at how neglected this area of security is. When your local computer is at risk, you jump to take action, but when the threat is not very proximate, procrastinating the scan is more popular. Web hosts need to regularly scan mail, especially with attachments, to prevent the spread of viruses and malware over the internet. Your control panel should be having a virus and malware scanner which the admin can use to scan the hosting account.
Attacks on various network ports to see if any service can be easily accessed is common for a web host. Seeing the logs of some servers will surprise you, with ports scans being done every few seconds to check if the server is improperly configured or there is a vulnerability which can be exploited. We hosts use firewalls to determine and block suspicious activity to keep the server and network safe.
Brute Force attacks are also very common, especially no mail servers. The attacker tries various username and password combinations to try and get hold of an email account. Once the email account is compromised, the attacker can send out spam and mass mail without disclosing his own identity. Email servers are bombarded every few seconds with brute force attacks on random accounts or even non-existent accounts. While the success rate maybe very low, even one successful email account being exploited can result in the sending out of thousands of mails.
Denial of Service Attacks and Flooding is usually targeted towards a popular website or high-traffic portal. In these types of attacks, the attacker attempts to flood the website with dummy requests so that the site becomes overloaded or inaccessible. These attacks are mainly to harass the users and visitors of a website or just as a show of strength by the attackers. Web hosts use Firewalls, DNS Services and even special Network Hardware to thwart these attempts. DoS attacks can also come from multiple sources and IP Addresses and flood the victim server called a Distributed Denial of Service Attack or DDoS. Similar mechanisms are used to counter these attacks too.
Some website owners like to experiment and try their hand at coding. This experimentation can be quite detrimental to other users on a live server. To prevent other users from being deprived of the shared server resources, webhosts often rate limit accounts which show such misbehaviour. This helps to balance the load on a server and prevents a single account from consuming all the resources like RAM and CPU. Another threat that web hosts need to deal with is SQL Injection. Often bad coding on a website leads to the entire database and website being split open by attackers. Usually these websites do not have any really confidential information (or else they would have been coded better) to be stolen from the database, but no web host likes to have a compromised account on his network. Web Application Firewalls are used to prevent such type of attacks before they happen. Even if your website is badly coded, low level attacks are automatically prevented at the server level.