Keeping your sites secure is never a once-and-done endeavor. Hackers are constantly figuring out smarter ways to bypass security measures, which is why we’ve introduced some significant enhancements to our existing security systems via our integration of Imunify360 across all Cloudways Flexible servers.
Domain Reputation Monitoring
Picture this: You’re doing everything right—optimizing content, nailing SEO—to rank on Google and drive traffic to your online business. But your rankings aren’t improving. Worse yet, visitors are bouncing off your homepage within seconds.
This could be because your domain is blacklisted on certain open source database which are used by security providers around the world. For instance, if your site is on Googles Safe Browsing blacklist, Google may display a disclaimer stating your site is unsafe, or block your site from appearing on SERPs altogether.
With Domain Reputation, our Firewall (Imunify360) continuously checks your domains against some of the largest open-source blacklists including:
While Google Safe Browsing integration is not currently included, we’re actively exploring its addition to provide even more comprehensive coverage. It’s worth noting that sites flagged by services like Phishtank or Openphish often eventually appear in Google’s database, making our current monitoring system an effective early warning system.
In case your domain is found to be on any of these databases, you will be able to view this from the Domain Reputation Menu within the Security Section under server management.
Note that blacklisted domains can only be viewed by visiting the Domain Reputation section within the Cloudways Platform. In case you would like us to enable Email Bot notifications to notify you when your domains are affected, please let us know by providing feedback at feedback.cloudways.com.
Introducing PAM: Advanced Brute Force Protection
Previously, all Cloudways Flexible servers were protected by a Fail2Ban implementation. This implementation was straightforward, as the service only parsed log files (such as /var/log/auth.log) for failed login attempts.
When a predefined threshold (the number of failed login attempts) is reached for an IP address, Fail2Ban adds a firewall rule in iptables to block that IP for a day. This IP ban was limited to the specific server where it was installed. Once the ban was in effect, the IP simply moved on to brute-force its way onto a new server.
By replacing Fail2Ban with Imunify360’s PAM, we’re connected to Imunify360’s RBL of bad IP addresses trying to brute-force their way into your server. This means malicious attempts from bad IP addresses are blocked proactively without any false positives based on the evidence gathered across millions of servers protected by imunify360.
Brute-force attempts blocked by PAM can be viewed from the “Incidents” section for your server & Application.
Key Advantages of PAM:
- Global IP blocking system versus Fail2Ban’s local server protection
- Proactive protection against password guessing attempts
- Automatic global blacklisting after failed authentication attempts
- Reduced attack frequency through shared threat intelligence
This global approach means that once an IP is identified as malicious on any website protected by Imunidfy360 globally (Whether on Cloudways or not), it’s blocked across our entire platform, providing superior protection compared to our previous approach.
Enhanced Malware Scanning
When we first introduced free Malware Scanning across all Cloudways Fexible servers, we got one singular feedback from the majority of users. Namely, you wanted to be able to identify the specific location of malware identified, especially within databases.
We’re delighted to announce that this capability is now available on our platform. We’ve introduced a new column for table details which you can click to further view the specific Table Name, Table Field, and Row ID where the malicious injection has been found.
Support for Magento Database Scanning
One of the most important features that sets Malware Protection at Cloudways apart from most alternatives is our database scanning feature. Until now, database scanning was supported for WordPress & Joomla, however we’re excited to announce that we’ve extended the support of this feature to Magento 1 and Magento 2, resulting in improved security for Magento applications on Cloudways.
You do not need to take any action to enable this feature as it has been automatically activated.
Coming Soon
We’re actively developing several exciting features to further enhance your security and control:
Enhanced Malware Scanning
- Improved code injection detection including:
-
- File-level malware identification
- Comparison views between clean and compromised code
-
Advanced Security Controls
- Customizable firewall settings including weak password protection
- Configurable DoS protection with adjustable rate limiting (50-250 connections per IP)
- Options for aggressive or standard protection modes
Stay tuned for more updates as we continue to enhance our security features and provide you with the tools needed to protect your applications effectively.
Abdul Rehman
Abdul is a tech-savvy, coffee-fueled, and creatively driven marketer who loves keeping up with the latest software updates and tech gadgets. He's also a skilled technical writer who can explain complex concepts simply for a broad audience. Abdul enjoys sharing his knowledge of the Cloud industry through user manuals, documentation, and blog posts.
