iManila Help Center

Hosting Solutions

Website Protection

Tools

Hosting

Our hosting solutions are engineered for powerful and reliable performance online. From shared and dedicated hosting to SSL certificates and web security and backup, you can rely on our solutions to provide 99.5% uptime and availability whenever, wherever!

Technical Support

Our IT specialists provide your business with solutions to help with common software and hardware issues across all devices whether on desktop, laptop, or on mobile.

Digital Marketing

Expand your reach online, and efficiently hit business objectives by implementing strategic digital marketing campaigns.

Web

In this digital age, a well-designed website is a game changer. But "well-designed" doesn't just mean aesthetics, but overall user experience. We create highly-functional websites that can support your business objectives -- whether that means driving awareness, lead generation, or even sales.

Tag: security

What is CloudLinux?

Written on . Posted in Other.

Overview

CloudLinux was released to the market in 2010. Today, it is a must-have for any web host who cares about stability, security, and churn. It is used by more than 2,000 hosting companies on 20,000+ servers. CloudLinux is interchangeable with CentOS so any SysAdmin will feel right at home. Yet, it was specifically optimized for shared hosting. Web hosts that use CloudLinux report higher uptime, significant improvements in density (as much as 5x), 4x decrease in number of reboots, and 10x decrease in number of account suspension they have to perform. It has also produced a significant decrease in churn for a number of customers.

The software specifically made for web hosts running cPanel control panel with multiple accounts. If you are a shared host, or a design company that has to host sites on behalf of the client – CloudLinux is your friend.

CloudLinux + cPanel =

  • Improved stability by limiting the resources any single user can consume
    In shared hosting, the most common reason for downtime is a single account slowing down other accounts on the server. Using cPanel & WHM software with CloudLinux utilizes innovative Lightweight Virtual Environment (LVE) technology, improving the density and stability of your shared hosting environment for all tenants.
  • Advanced server security
    With unique CageFS technology, CloudLinux encapsulates each customer, preventing users from seeing each other and viewing sensitive information. It also prevents a large number of attacks, including most privilege escalation and information disclosure attacks.
  • Increased server efficiency
    By monitoring and containing resource spikes, CloudLinux eliminates the need to leave server resources idle, providing you with the ability to host twice as many accounts on your cPanel & WHM server.
  • Multiple PHP versions
    Using CloudLinux together with cPanel & WHM software gives your customers with the flexibility to choose the PHP version that they need.
  • Hardened kernel
    The shared hosting environment is unlike any other and the CloudLinux kernel takes that into account. It can protect against symlink attacks and trace exploits, while restricting the visibility of ProcFS to only what is necessary — making your cPanel & WHM servers more secure.

reference: https://blog.cpanel.com/what-is-cloudlinux/

What is CageFS?

Written on . Posted in Other.

Overview

CageFS is one of the core features of CloudLinux. It is a virtualized, per-user file system that uniquely encapsulates each cPanel users, preventing users from seeing each other and viewing sensitive information. CageFS prevents a large number of attacks, including most privilege escalation and information disclosure attacks. It is design to add security to cPanel-based shared hosting environment.

With CageFS

  • Users only have access to safe files.
  • Users cannot see other users and have no way to detect the presence of other users or user names on the server.
  • Users cannot see server configuration files, like Apache config files.
  • Users have a limited view of their own processing file system, and cannot see other users’ processes.

What is imunify360?

Written on . Posted in Other.

Overview

imunify360 is a complete Six-Layer Security that is installed to iManila shared servers. It protects our websites from different digital attacks. Imunify360 is an automated security solution, powered by AI and Proactive Defense, that will protect your web servers from infections, maintain secure kernels, and keep you in the know with relevant information.

  • Advance Firewall
    Imunify360 offers advanced firewall protection that uses cloud heuristics and artificial intelligence to detect new threats and protect the servers that run the software. The firewall is capable of defending against brute force attacks, DoS attacks, and port scans.The firewall tightly integrates with mod_security web application firewalls to dramatically enhance its usefulness. In combination with WAF, we can stop the majority of web application attacks even before they start. An advanced Captcha system is employed to reduce false positives and make sure that valid customers can reach your website.
  • Intrusion Detection and Protection System (IDS)
    Imunify360 features an excellent Intrusion Prevention System (IPS) with a comprehensive collection of “deny” policy rules to quickly block all known attacks, especially those using a common or well-known exploit tool.The Intrusion Detection System (IDS) provides excellent visibility of server security by monitoring server logs. It scans log files from all different angles and bans IPs that show malicious signs, such as password failures, potential exploits, etc. It helps protect your server from attacks and reports to the Imunify360 dashboard.

  • Malware Detection
    Over 68% of hosting providers say that malware infection is a top issue for their customers’ web servers.    Imunify360 automatically scans file systems for malware injection and quarantines infected files.

  • Proactive Defense
    Imunify360’s Proactive Defense (previously known as Sandboxing) protects websites against zero-day attacks – it stops even the malware that no scanner is able to detect. It identifies attacks on your Linux web servers in real time, then blocks potentially malicious executions automatically and with zero latency.    Proactive Defense uses a unique method of identifying security risks – it analyzes what scripts do rather than what is actually in the code.

image from imunify360.com

  • Patch Management

    Rebootless Secure Kernel
    Rebootless Secure Kernel powered by KernelCare is a component that keeps your server secure by automatically patching kernels without having to reboot the server. Its agent checks for new patches every four hours and automatically applies them to the running server without any performance impact. KernelCare keeps your kernel updated to help you avoid disastrous incidents.
    Hardened PHP
    Hardened PHP is a component that ensures your web server security by patching all PHP versions against known vulnerabilities, allowing you to run any version of PHP without having to update programs to accommodate newer versions.

cPanel ModSecurity

Written on . Posted in FAQs.

Overview
ModSecurity is an open-source web-based firewall application (WAF) supported by different web servers like Apache, Nginx and IIS.

Usage
The module is configured to protect web applications from various attacks. ModSecurity supports flexible rule engine to perform both simple and complex operations. It comes with OWASP (Open Web Application Security Project) ModSecurity™ CRS (Core Rule Set). The OWASP ModSecurity™ CRS is a set of rules that Apache’s ModSecurity™ module can use to help protect your server. While these rules do not make your server impervious to attacks, they greatly increase the amount of protection for your web applications.

It comes with a Core Rule Set (CRS) which has various rules for:

  • cross website scripting
  • bad user agents
  • SQL injection
  • trojans
  • session hijacking
  • other exploits

Why should I use the OWASP ModSecurity rule set?

  • Protection from insecure web application design — ModSecurity rule sets can provide a layer of protection for web applications such as WordPress, phpBB, or other types of web applications. It can potentially protect against vulnerabilities in out-of-date web applications that protect against vulnerabilities in unpatched, out-of-date applications. If the developer of an application makes a security mistake, ModSecurity may block a security attack before it can access the vulnerable application.
  • Protection against operating system level attack — ModSecurity rule sets can protect against attacks that exploit the operating system of your server. For example, in 2014, there was a security flaw in the Bash shell program that Linux servers use. Security experts created ModSecurity rules to disallow the use of the exploit thought Apache. Server administrators used these ModSecurity rules and added additional security to their system until the release of a security patch for Bash shell.
  • Protect against generalized malicious traffic — Some of the security threats that server administrators face may not directly attack a program or application on your server. DoS (Denial of Service) attacks, for example, are common attacks. You can reduce the impact of such malicious traffic through the use of ModSecurity rules.

What are the risks?
As with any mechanism that blocks web traffic, OWASP rules could block legitimate traffic (false positives). While both OWASP and cPanel, L.L.C. aim to curate the OWASP rule set to reduce the potential for false positives, the rule set may block legitimate traffic.

Let's work together!

Make the first move! Let iManila help you maximize your presence online.

Just fill out your contact details and tell us what you need, then we’ll be sure to get back to you as soon as possible.



 

About

Connect with us

Services

Get in touch

Quicklinks

Terms and Conditions | Privacy Policy
Copyright © 2023 iManila