WordPress is by far the most popular CMS today. However, this popularity has an unfortunate side effect of also making WordPress sites extremely exposed to potential attacks. It means quite a huge challenge to web hosting providers to keep the hackers out of their business. Fortunately, this task is not impossible.
https://kinsta.com
Our great partner, Mijn Websitehosting has over 14 years of expertise in this field and chose BitNinja to help them successfully protect their customers.
Read on to learn about their struggles, before they stepped on the road to success.
Background
Mijn Websitehosting is a Dutch hosting provider, serving over 18,000 satisfied customers with web hosting, domain registration, VPS and other connected solutions. Also, customers do not just have to rely on their hosting expertise, because they provide an extended network of copywriters, designers, programmers, and VoIP specialists to help their customers run successful businesses.
They focus on what they are good at WordPress hosting.
Since they are specialists in this field [founded in 2005], they know the good and bad sides of the CMS as well. WordPress is the No.1 CMS on the market, serving 59% of all websites, meaning hundreds of millions of them. However, being popular among website builders also made WP a common target for hackers. This popularity gives attackers an easy way to find vulnerable websites due to outdated software, nulled templates and plugins, unprotected admin pages, etc.
At Mijn Websitehosting, you’re assured to get a fully secured environment and ensures that it is always up-to-date. But it wasn’t always like that.
Challenges
Managing such a complex environment with a fast-growing customer base is a big challenge on it own. So, when it comes to security - requiring deep knowledge in that area -, it poses several questions to the CTO and their Linux team:
How do we recognize compromised hosts before the customers do?
How do we do the troubleshooting and root cause analysis faster?
Should we monitor malicious connections ourselves?
Where do we find a security solution which runs unnoticed and does not impact the performance of the servers either?
“As you can guess, the major problem for Mijn Websitehosting originated from our clients out-of-date WordPress sites. Also, we had a high volume of BAD traffic from botnets on the nodes, resulting in high overall server load.” - Said B. Timmerman, Owner of Mijn Websitehosting.
He also added:
“We tried several solutions to fix our security issues for good. However, neither Imunify360 from Cloudlinux, nor Atomic Secured Linux could solve our problems. That’s when we tried BitNinja after several forum recommendations from other web hosting providers and it totally transformed our security.”
Solution
They knew that they had to look for an ultimate solution quickly, because attacks continued to happen and after trying software that kept failing it just took more of their time and left a bad taste in the mouth of the team and the customers.
That’s when they bumped into BitNinja – who were promising overall protection and an outstanding feature set – when googling for a way to get out of this situation for good.
Since BitNinja was easy to implement and get started with it imposed no difficulties to the Mijn Websitehosting team during their onboarding. The process was smooth and intuitive, but what was most important – as they couldn’t afford to waste any more time - BitNinja was powerful enough to launch and test the results within only 24 hours. They saw immediate value in BitNinja and have been using it ever since.
The Mijn Websitehosting team found these features to be especially useful and helpful during the decision-making process:
The WAF setting options makes them able to set exceptions and harden the protection level for individual locations and the pre-set pattern sets help a lot with it. This is key to keep false positives - hence the number of user complaints low.
The IP Reputation module itself provides them robust, auto-pilot baseline protection for blocking bad traffic by itself. Plus the other 8 modules.
The agent is fast and not using much load (IO) on their servers.
The software is always up-to-date and keeps the servers protected against the newest vulnerabilities.
Now they have a team of three system administrators, who work collaboratively with BitNinja on their most important 10 servers daily through
the Admin Panel where they can see the real-time attack attempts and can handle all their server configuration from one place,
and the CLI via SSH, which makes single actions easy-to-run.
Results
“We love the Admin Panel, where the team can take a look at what happened on the machine if something gets blocked. By using BitNinja, it’s way faster for us to find issues and malware, which means less time, less cost.
Every relevant information is collected by BitNinja and can be easily found on the Admin Panel, so our whole security response process became faster, and customers get quick response. Before BitNinja, we had to search for hours on every machine to find the issue and any correlations.” - said the Owner.
However, the reduced infection rate and average response time are not the only fields where BitNinja caused a positive surprise.
“Most security programs like Imunify360 or Atomic Secured Linux we tried to take a high IO off the nodes so we needed more and more machines to deal with it. But the load is dropped by 30% after we started using BitNinja Security to keep bad traffic out of our nodes, which means fewer machines = more profit.
We are much better protected as before, and the load has no impact on the servers.” - he added.
Are you still not convinced?
Why don’t you try BitNinja for free? Register for the 7-day trial and enjoy the layered protection. Come and erase your security issues from your to-do list for good.
If you have any questions, please contact our team at info@bitninja.io. We are always happy to help.