The firewall normally screens network connections of the server and helps avoiding unauthorized access.
ISPmanager allows to configure filters for network connections with various services according to specific rules applied by the firewall.
A rule is an approving or prohibiting action applied when server connection is initiated. You can allow connection only for those programs that indeed require it.
Find more detailed information in our documentation.
Use encryption to secure user connection with your website.
In order to secure data transfer between users and the server, set up SSL encryption. Purchase the appropriate SSL certificate or integrate with Let’s Encrypt, the free SSL service.
Search systems can lower organic results of your website if it doesn't have a certificate, while some web browsers can consider its pages insecure and block them.
Find more information on types of SSL certificates and the installation process in the section SSL certificates.
ISPmanager has the built-in tool for DDoS protection. This tool sets the limit on the request processing speed per the specified key, or the processing speed for requests coming from one IP address.
You can enable DDoS protection in ISPmanager for Nginx servers only.
You can also use integration with DDoS-GUARD, the provider of DDoS protection, for the profound website security against HTTP(S) flooding.
When the DDoS-GUARD module is installed, all inbound traffic is sent to DDoS-GUARD servers. Suspicious activities are blocked, so only secure requests can reach the server with your website.
Use our integration module with Virusdie antivirus to scan server files and websites for viruses, trojans, and spam bots.
This module allows to find the infected files and cure them automatically, without any delays with your websites. Virusdie can also detect and delete redirects, shells, and trojans.
Full security is paid, but you can establish one free scan per month.
OS kernel security
Use KernelCare to provide proper security of the Linux kernel. This service can be utilized on dedicated servers or KVM machines only.
It checks for kernel updates every 4 hours and installs security patches automatically without the necessity to reboot a server. If you have KernelCare, it would be difficult for hackers to find a vulnerability.
You can buy and install a KernelCare license right from your ISPmanager.