How to optimally protect your hosting project against malware
Malware can lurk practically anywhere on the Internet: on a website, in an e-mail attachment or even on a USB-stick. In the business environment the threat to data security by malware can lead to a loss in sales and web traffic, theft of confidential information and, consequently, the loss of customer confidence. We’ll show you how you can minimize the threat to your infrastructure from malware with little effort.
Viruses, worms, trojans, adware, scareware, ransomware, rootkit, exploit, key loggers, backdoors and spyware – all of these programs fall under the term ‘malware’ because they are united by a common feature: they were only developed for the purpose to harm internet users. Only their individual approach and intent distinguishes them. For example, a virus file attempts to inject malicious code in a program to make it useless and then redistribute itself. Again, spyware and key loggers are trying to spy sensitive information such as bank and customer data, PINs and passwords and then send them to the creator of the malware. Usually the malicious code is first noticed after the PC or the website is already infected.
To protect 1&1 website and customer data
Of course, 1&1 as hosting provider considers itself responsible and protects customer projects from dangers of all kinds on the net, for example by encrypting sites with SSL Certificates from Symantec. Also through provisions such as DDoS Protection, Content Delivery Network (CDN), geo-redundant infrastructure, certification of the 1&1 data centers, powerful firewalls and scanning incoming emails as well as data on the webspace for malware, 1&1 secures your sensitive data and web properties.
Preventive protection against malware
However, as internet users in the public and private sectors, you should still have a careful eye on websites, downloads and e-mails, the usage of any dubious programs and take preventive steps to help counteract the threat from malware:
- The alpha and omega in the defense against all types of malware is up-to-date anti-virus software. Additionally, this protects against access or manipulation using crafted websites. The malware scanner 1&1 SiteLock checks your site including 500 subpages for vulnerabilities, as well as the web application you are using
- An activated firewall protects your server or web project against attacks and unauthorized network access. An upstream firewall is part of 1&1 hosting products as much as the latest SIEM (Security Information and Event Management) and IDS (Intrusion Detection System) / IPS (Intrusion Prevention System) that act as a first barrier in our security network project and protects against attacks. Furthermore, 1&1 server customers have access to the Cloud Panel, a centralized firewall management, enabling firewall rules to be flexibly defined, which can be applied to single or multiple virtual machines simultaneously
- Users should also ensure that all used programs, web browsers and content management systems that are connected to the internet, as well as the operating system, is up to date. Regular updates can help to shutdown known vulnerabilities that transfers malware to your computer. With 1&1 Managed WordPress we install updates automatically.
- The encryption of all data assets and secure transmission in the exchange with external persons and locations are recommended. The 256-bit SSL encryption from 1&1 guarantees a secure exchange of all your website data and emails and safeguards against unauthorized access.
- Secure passwords should be chosen so that they are composed of at least eight randomly generated alphanumeric characters that include numbers, symbols, and uppercase and lowercase letters. Each service should be protected with its own password. Moreover, passwords should not be deposited on the system or on the internet, or shared via email or with third parties. Detailed advice about passwords is available here.
- It is also recommended to make regular external backups of all databases. This ensures that even when infected by malware your data is not lost. Additional protection is provided by automatic backups and snapshots that are regularly created in order to avoid accidental data loss.
Using these preventive steps in combination with the 1&1 security portfolio, data security can be achieved for your business as well as for private Internet usage. All information on the current 1&1 safety campaign, visit https://www.1and1.com/security