What is Imunify Av+ and how it works?

What is Imunify Av+ and how it works?

We’re proud to offer ImunifyAV+ antivirus as a security options to our customers can protect their IT infrastructure. ImunifyAV+ is a server security application that integrated directly into our hosting product. It provides malware scanning both malware scanning and cleanup under affordable and budget hosting product. Its not only protect your php base code and frame work but also it protect most popular opensource cms (Content Management System) like WordPress, Drupal, Joomla and many more.

Feature includes:
– Malware detection
– One click malware cleanup
– Management control panel for server admin
– Automatic cleanup option

How to protect your wordpress site from hackers

How to protect your WordPress site from hackers

Set up website lockdown and ban users

A lockdown feature for failed login attempts can solve a huge problem, i.e. no more continuous brute force attempts. Whenever there is a hacking attempt with repetitive wrong passwords, the site gets locked, and you get notified of this unauthorized activity.

Use 2-factor authentication

Introducing the 2-factor authentication (2FA) at the login page is another good security measure. In this case, the user provides login details for two different components. The website owner decides what those two are. It can be a regular password followed by a secret question, a secret code, a set of characters, etc.

Use email as login

By default, you have to input your username to log in. Using an email ID instead of a username is a more secure approach. The reasons are quite obvious. Usernames are easy to predict, while email IDs are not. Also, any WordPress user account is always created with a unique email address, making it a valid identifier for logging in.

Rename your login URL

To change the login URL is an easy thing to do. By default, the WordPress login page can be accessed easily via wp-login.php or wp-admin added to the site’s main URL.

When hackers know the direct URL of your login page, they can try to brute force their way in. They try to log in with their GWDb (Guess Work Database, i.e. a database of guessed usernames and passwords; e.g. username: admin and password: p@ssword … with millions of such combinations).

So, at this point – if you’ve been following along – we have already restricted the user login attempts and swapped usernames for email IDs. Now we can replace the login URL and get rid of 99% of direct brute force attacks.

Adjust your passwords

Play around with the website’s passwords and change them regularly. Improve their strength by adding uppercase and lowercase letters, numbers, and special characters. This password generator is a useful resource.

Change the WordPress database table prefix

If you have ever installed WordPress then you are familiar with the wp- table prefix that is used by the WordPress database. I recommend you change it to something unique.

Using the default prefix makes your site database prone to SQL injection attacks. Such attack can be prevented by changing wp- to some other term, e.g. you can make it mywp-, wpnew-, etc.

Back up your site regularly

No matter how secure your website is, there is always room for improvements. But at the end of the day, keeping an off-site backup somewhere is perhaps the best antidote no matter what happens.

Protect the wp-config.php file

The wp-config.php file holds crucial information about your WordPress installation, and it’s in fact the most important file in your site’s root directory. Protecting it means protecting the core of your WordPress blog.

It gets difficult for hackers to breach the security of your site if the wp-config.php file becomes inaccessible to them.

The good news is that making this happen is really easy. Just take your wp-config.php file and move it to a higher level than your root directory.

Now the question is, if you store it elsewhere, how does the server access it? In the current WordPress architecture, the configuration file settings are set the highest on the priority list. So, even if it is stored one fold above the root directory, WordPress can still see it

Disallow file editing

If a user has admin access to your WordPress dashboard then they can edit any files that are part of your WordPress installation. This includes all plugins and themes.

However, if you disallow file editing, even if a hacker obtains admin access to your WordPress dashboard, they still won’t be able to modify any file.

Add the following to the wp-config.php file (at the very end):

define(‘DISALLOW_FILE_EDIT’, true);

Connect the server correctly

When setting up your site, connect the server only through SFTP or SSH. SFTP is always preferred over the traditional FTP because of its security features that are, of course, not attributed with FTP.

Connecting the server this way ensures secure transfers of all files. Many hosting providers offer this service as part of their package. If not – you can do it manually (just google for tutorials; there’s a lot of stuff out there).

Set directory permissions carefully

Wrong directory permissions can be fatal, especially if you’re working in a shared hosting environment.

In such a case, changing files and directory permissions is a good move to secure the website at the hosting level. Setting the directory permissions to “755” and files to “644” protects the whole filesystem – directories, subdirectories, and individual files.

This can be done either manually via the File Manager inside your hosting control panel, or through the terminal (connected with SSH) – use the “chmod” command.

Disable directory listing with .htaccess

If you create a new directory as part of your website and do not put an index.html file in it, you may be surprised to find that your visitors can get a full directory listing of everything that’s in that directory.

For example, if you create a directory called “data”, you can see everything in that directory simply by typing http://www.example.com/data/ in your browser. No password or anything is needed.

You can prevent this by adding the following line of code in your .htaccess file:

Options All -Indexes. Beside of above points you can install imunifyAV+ on your server to secure your entire site with out any changes on website.

How to configure DNS in Godaddy domain panel

How to configure DNS in Godaddy domain panel

Here’s how you can change your name servers at GoDaddy.
Log into your GoDaddy Account Manager.
Next to Domains, click the Manage button.
Locate the domain you wish to register private name servers for and click the Gear icon, then select Manage DNS:
In the Name Servers section of the Settings tab, click Manage.

How to configure gmail account in outlook 2007?

How to configure gmail account in outlook 2007?

First log into your Gmail account and open the Settings panel. Click on the Forwarding and POP/IMAP tab and verify IMAP is enabled and save changes.

  • Next open Outlook 2007, click on the tools tab > account settings > new.
  • Tick the check box Manually configure server settings or additional sever types > Next
  • Select Internet E-mail – Connect to POP or IMAP server to send and receive e-mail messages.
  • Now we need to manually enter in our settings similar to the following. Under the Server Information section verify the following.
    • Account Type: IMAP
    • Incoming mail server: imap.gmail.com
    • Outgoing mail server (SMTP): smtp.gmail.com
  • Note: If you have a Google Apps account make sure to put the full email address(user@yourdomain.com) in the Your Name and User Name fields.Note: If you live outside of the US you might need to use imap.googlemail.com and smtp.googlemail.com
  • Next, we need to click on the More Settings button.In the Internet E-mail Settings screen that pops up, click on the Outgoing Server tab, and check the box next to My outgoing server (SMTP) requires authentication. Also select the radio button next to Use same settings as my incoming mail server.
  • In the same window click on the Advanced tab and verify the following.
    • Incoming server (IMAP): Either 993 (ssl) or 143 (very infrequently 585 (ssl))
    • Outgoing server (SMTP): Either 25 or 465 (ssl) (very infrequently 2525)
    • Click OK when finished.
  • Now we want to test the settings, before continuing on…it’s just easier that way in case something was entered incorrectly. To make sure the settings are correct, click on Test Account Settings.
  • If you’ve entered everything in correctly, both tasks will be completed successfully and you can close out of the window. and begin using your account via Outlook 2007