Over the past two years, we have been working very hard improving our server management approach and tools we use.  As a result, we are seeing fewer and fewer services impacting events. 

Our monitoring provides us early warning on a number of issues allowing us to resolve them before they have an impact.  This is good news as it leaves our team more time to research further improvements.

Despite these improvements, we are seeing a growing number of tickets related to Web Application Security.   Common issues are:

• Spam Floods
• Malware Attacks
• Overloaded Servers

Since we do not maintain your web application, there is little we can do to correct the underlying cause of these attacks.   Most of the tools at our disposal are reactive not proactive. 

Solutions:Your best defense against these issues is keeping your sites updated.  There are some tools like Manage WP, CMS Commander and others than can help if you have a large number of sites. 

Server-side defenses like ModSecurity are often too unwieldly to manage on systems with a large number of shared hosting sites. ModSecurity can break sites, resulting in a higher support load for you and us.  If you have few sites, then companies like Incapsual and Sucuri provide Web Application Firewalls.

Services:

If you are having repeated issues, you may want to open a special security case with us to evaluate the best solution.  We are provided discount pricing for customers on management plans.  Pricing ranges from $250-500 for most situations depending on the complexity and scope of your operations.  We can help recommend a security strategy with milestones.

With our management plans we do our best to keep things secure, but cleaning up recurring security issues is not covered by the plan.  To prevent additional, unexpected clean up costs in the future, getting an action plan put together now may help reduce long term cost and improve security.