MarbleHost.com, a web hosting company with data centers in USA, United Kingdom and Australia, introduces new generation of the shared web hosting security. To avoid brute force attacks, DDoS attacks and prevent situations when websites with security holes are hacked, MarbleHost.com now offers to all clients who use their shared web hosting services a protection which consists of two levels.
ModSecurity acts as a firewall for web applications that is able to effectively prevent most URL forgery hacker attacks. ModSecurity also helps to reduce forum spamming caused by robots. This feature may be helpful mainly for bloggers using Wordpress with plugins which have some security holes, to forum owners and all webmasters who do not update their scripts to the latest version on regular basis.
Another way how the ModSecurity increases the security of the web hosting service is a brute attack protection. A brute force attack stands for an attempt to guess the username and password of a web application, using a predefined set of usernames and passwords and combining them at random. If the ModSecurity recognizes the brute force attack from particular IP address, the IP address will be blocked for the next 30 minutes. This feature is automatically activated if there are more than 15 failed login attempts from an IP address within 3 minutes.
To help the ModSecurity plugin combat brute force attacks, the MarbleHost.com Free PHP Scripts Installer has been also configured to replace the default "admin" username, which is used by the majority of web applications by default.
The customers can turn on or off this feature using their web hosting control panel.
MarbleHost.com has also minimized the servers' vulnerability by moving all websites to the new cloud hosting platform. This platform is designed to prevent the hack/DDoS attacks by storing applications, emails and databases on a few machines instead of just one.