Proactive Protection
This tool combines technical and organizational measures to fight all known and unknown malicious programs. This technology increases security of web-based applications.
Benefits:
- Activity Controls
- Authorized Sessions Protection
- Intrusion Logs
- IP-based Control Panels
- One-Time Passwords
- Script Integrity Monitors
- Security Panel with levels
- Stop Lists
- Web Application FireWalls
The Web Application Firewall protects websites from most web attacks. The filter sees dangerous threats in incoming requests and blocks them. The Filter is the most effective tool to guard against possible security problems in a web project implementation and fully analyzes all data received from visitors in variables and cookies.
Note: some harmless actions may be considered suspicious and cause the filter to react.
- blocks site intrusion;
- configurable firewall options to intrusion attempts;
- delete unsafe data;
- filter exclusion list via wildcards;
- inform administrator about intrusions;
- keeps attack logs;
- latest updates;
- make data safer;
- protect from possible security errors;
- protection from most web attacks;
- recognize dangerous threats;
- screen web applications from persistent attacks;
- temporarily add attacker’s IP address to the stop list;
Improve the site security significantly with Proactive Protection module presets and tips about any parameter that may need configuration.
- activity control;
- CAPTCHA procedure;
- change of session identification;
- Control Panel protection;
- control script integrity verification
- error logging;
- high security level for administrators;
- Kernel module event logging;
- one time password sessions;
- database session storage;
- proactive filter, site-wide;
- weekly intrusion log;
Intrusion log.
Register all events occurring in the system including uncommon, suspicious and malicious events, in real time to view the events as soon as they have been registered. Discover attacks and intrusion attempts, respond immediately and prevent attacks.
- Detect logs attacks by the proactive filter:
- filter malicious events;
- immediate reaction to malicious events
- Immediate registration of all system events;
- PHP, XSS and SQL injection attacks;
- view and analyze events in real time to prevent future attacks.
One-time passwords for any site users that are especially recommended by the site administrators to significantly improve security of the “Administrators” user group.
This technology creates a token, which is a hardware device that generates a unique password only when a token button is clicked. This token owner cannot tell the password to third party to allow them authorize as well.
Features:
- authorization with a login and a compound password;
- empower web project security;
- extend OTP authentication;
- hardware tokens;
- software OTP;
- synchronize the token and server generator counters when synchronization is lost.
- use two consecutive OTP passwords generated by a token;
File integrity control:
- track file system changes;
- verify integrity of public files, kernel integrity & system area integrity;
Verification of the file integrity control script:
- verifies file integrity control script for changes;
- protects script using the keyword and password pairs.
Control Panel protection:
- Users can manually supply the allowed IP addresses and the address ranges.
- recognize the user’s IP address automatically;
- restrict access to Control Panel from any IP’s except those on the white list;
Session protection:
- eliminates bad temporary folder permission settings, virtual hosting and OS configuration errors;
- limited session lifetime (minutes);
- renders session ID hijacking impossible;
- network mask associated with a session with a specific IP;
- recurring session ID relay;
- reduced file system stress;
- storage of session data in the module database.
- Other various protection methods;
Activity control:
- setting of a maximum possible visitor (human) activity quota;
- block visitors exceeding activity quota;
- prevent brute force attacks on passwords;
- protect from bots and DDoS attacks and from profusely active users;
- register activity quota violations as events in the intrusion log;
- show a special information page to a blocked visitor;
Stop list:
- allow specification of the ban duration for users, IP addresses, network masks, UserAgent’s and referrer links;
- block visitors with IP addresses;
- collect statistics on visitors matching the criteria;
- redirect visitors matching the entries;
- show customizable messages to blocked visitors;
- stop list entry management;
Phishing Protection:
- Show redirection warning to a visitor;
- Unconditionally redirect visitors to safe sites
- Recommend high security level;
