It's a sad fact that the internet is a hostile place and as a web hosting provider our clients are constantly under attack.
To protect our customers and ensure an uninterrupted service for all of our clients we employ both commercial and in-house created systems. These systems constantly look for attacks and block them at the source of our network to prevent them impacting our clients. Some of the most common types attacks are:
A Brute force attack is when someone attempts to gain access to a resource which is protected by a username and password. These types of attacks use automated systems to keep trying common variations of usernames and password in an attempt to guess the correct combination. Our system detects these types of attacks within 60 seconds and blocks the attack from accessing our network further.
Brute force attacks are targeted at FTP servers, Email accounts and web sites administration areas. As an example, we see around 100 attacks each day targeting Wordpress admin sites. Wordpress has become a favourite target for hackers because it is so widely used and in some cases dormant sites are left vulnerable to attacks because of out-of-date software.
Like the brute force attacks an SQL injection attack will use a brute force method to try to gain access to a database by looking for vulnerable code that allows the hacker to inject special commands which are executed by the database server. These types of injections can lead to usernames and passwords being obtained or whole databases being downloaded.
A denial of service attack is when an attacker tries to stop a service from receiving genuine traffic by flooding it with invalid requests. DOS attacks are normally targeted at websites as a relatively small number of requests can quickly consume all available connections and prevent genuine users from accessing the site. DOS attacks are fairly easy to block as the source IP address can be blocked preventing any further traffic from getting through.