Security of your scripts/files

1

PHP versions used on servers are regularly updated for performances, stability, and especially their security.

Anti Virus / Exploits / Malware

At your level, you can clean your account anytime with an antivirus included in your cpanel account. A virus is not an exploit.

At our level :
1. Server is scanned real-time for virus incoming by FTP, mail and web, but also existing file modified... In these cases viruses are automatically stopped if known, exploits file sand malware are also quarantined when detected. You will be notified by mail by interval of 30 minutes if something was blocked, or potential nocive files detected.

You can have a very basic assessement with such online tools, they are poorly reliable because they don't have access to inner files of sites :
 
2. Server is scanned monthly, and deeper by same system, and you will receive an automatic report by email
we will advise you by mail if needed so that to investigate, and solve these problems... These problems are often the same and are linked to modules/plugins used, which are either deprecated regarding your PHP version, either free and bad quality. You will be notified by mail if something worth to know or look at is detected.
These problems are serious issues for your hosting account to work properly, and must be solved quickly, depending on their gravity, this can lead to suspension of your account. 


If you upload files with PHP / perl vulnerabilities on the server, they will be quarantined automatically, and this can cause rarely that your site that will no longer work, contact us for you give information on quarantined files, then ask the editor a clean file or resume a clean original file. Same for a hacker trying to edit your files from the web, it will be stopped.

NB : you can ask us to run a full security scan of your account any time

Advices :
Security begins from your home PC, because if your website files are infected, you will bring infections to your hosting account again and again... Most of you uses free antivirus which are not what you think, and are useless in term of efficiency...

By experience, we use a professional antivirus with a proven track record, and we encourage you to test and use it :

http://www.eset.co.uk/Home/NOD32-Antivirus 

Suhosin extension

This PHP extension is a pure protection extension of your PHP scripts. It was installed at the server level, and is enabled by default for PHP version 5.2, 5.3 and 5.4. From your cpanel from the PHP Selector, you can activate it for PHP versions above if necessary, and check Suhoshin and validate. Plugins / php modules are those that cause 90% of the problems.
NB : If you encounter a problem on your website, you can disable it from cPanel.


IP blocker

In your cpanel, section security/IP blocker

Analyze your traffic with webalizer/awstats in your cpanel also, track the high volume requests to your website to URL /wp-login.php or else, by dubious countries, and check IP informations : https://apps.db.ripe.net/db-web-ui/#/query

Take action by blocking the IP forever without any hesitations !
Read :
https://support.yoorshop.hosting/knowledgebase/1500/How-to-fight-against-junk-bot-traffic.html 


WordPress users

https://support.yoorshop.hosting/knowledgebase/1302/Mandatory-Security-Measures-for-WordPress-to-apply-on-our-servers-.html