Introducing StopTheHacker

Web servers have always been tasty targets for hackers because they’re fairly powerful computers, connected to very fast network connections. Web servers are generally quite secure on the system level, so hackers turned to looking for exploits in the code running websites on the server.

In the early days of the web, it was mostly only large-scale professional websites running code on the back-end, but in recent years that’s changed. There’s lots of freely-available web application software “off the shelf” that anyone can use to set up a dynamic website.. DreamHost has  championed that through our easy 1-click installer. That’s been a boon for the web and for our customers, but as a result, web security became a big problem.

Introducing StopTheHacker

DreamHost has multiple levels of web security built-in for customers, including our mod_security web firewall, system level security monitoring, regular scanning for “bad” files, and a team dedicated to monitoring the latest threats. To augment our own expertise and tools, we’ve teamed up with StopTheHacker and brought their fantastic web security tools to our customers. They are now providing complete reputation and blacklist monitoring to all of our hosted websites – plus, it’s completely free!Just enable it within our web panel and you can optionally upgrade for features like automatic malware detection and removal.

Pink Sherbet Photography - http://www.flickr.com/photos/pinksherbet/8271642823/

photo by Pink Sherbet Photography

 

Software a Nerd Could Love

We really like StopTheHacker’s approach to malware detection because their technology uses super-nerd techniques like Machine Learning (ML) and Artificial Intelligence (AI). (Geek magic!)That means it can identify forms of malware that it’s never seen before. Their system actually learns from the malware it finds. Then, it adapts automatically as the threat landscape changes. And that really sets it apart from other solutions, and is just very cool on top of that!

Intelligent malware detection is just one part of the problem, though.  StopTheHacker also automatically removes infected bits of code from your website. Even without that optional feature enabled, StopTheHacker shows you exactly where in your code you can find malware.  If you’ve ever had a website hacked, and had to spend hours digging through code to figure out where the malware was, this probably sounds like a big piece of awesome cake with a tall, cold glass of amazing. And that’s exactly what we think, too!

Wow, What Does StopTheHacker NOT do?

While StopTheHacker does a great job of identifying, locating, and removing malware from your website, it cannot plug security holes that hackers exploit in the first place. It greatly limits damage a hacker can cause and can identify common configuration problems, but it can’t tell you if your code itself is insecure.

If you’re using 1-click install software, DreamHost can help keep the core application code up to date, but any extra plugins you add are your responsibility. StopTheHacker is just another useful tool in the website owner’s box – which will make your life easier.

The reputation and blacklist monitoring is free to all DreamHost customers so go enable it right now! That’ll let you know as soon as your site is noticed as a source of malware, and knowing’s half the battle.