Overview
This article shows you how to configure basic features of (mt) Security Pack. This new security suite makes it very easy to protect your sites from malware, blacklists, and other malicious activity through the use of a Content Delivery Network (CDN) and Web Application Firewall (WAF).. The (mt) Security Pack CDN & WAF service will also increase site loading speeds.
This service can be purchased via our (mt) Security Pack homepage.
Adding and Removing Monitored Sites
Adding Sites
Adding and Removing sites is a simple process that's managed via the Security Dashboard.
1. After purchasing (mt) Security Pack, log into your Account Center and click on Security Dashboard.
2. Click on Add Site.
3. Add your sites for monitoring, one site per line. Adding a site automatically queues it for a total scan, which will complete within 12 hours.
Removing Sites
1. Log into your Account Center and click on Security Dashboard.
2. Click on Settings for the domain that you'd like to remove.
3. Click on Remove Website and confirm.
Monitoring Types and Frequency
Media Temple has highly effective scanners that identify infections, potentially harmful signatures on websites and also code anomalies that may not be known. We offer many types of monitoring, such as Malware, SSL, DNS, and Blacklisting scans.
Malware Monitoring
Our Malware Monitoring identifies obfuscated javascript injections, cross-site scripting, website defacements, hidden & malicious iframes, PHP mailers, phishing attempts, malicious redirects, backdoors, anomalies, drive-by-downloads, social engineering attacks, SEO blackhat spam, pharma hacks, conditional redirects and mobile redirects.
SSL Monitoring
An SSL (Secure Socket Layer) is a certificate on the website that allows for the safe passage of information from the client to the host server via encryption. If your site uses an SSL certificate, it is essential to know the status of the certificate to keep your customer’s identification information safe.
It's rare that your SSL certificate will change, but if it does, you will be alerted to any changes via email.
DNS Monitoring
DNS is a protocol used by computers to communicate. It turns a website’s name (somesite.com, for example) into an internet protocol (IP) address like 123.45.567.891. The name provided by DNS is what we use as humans to read the website name; the IP is what the computers use to communicate.
This monitoring option will monitor the IP address of your website, nameservers and MX records. It’s rare for this information to change, but if it does, we will notify you.
Blacklist Monitoring
Our monitoring automatically checks blacklist APIs and ensures you’ll know when your site is hacked and blacklisted by Sucuri, Google, Norton, AVG, Phish Tank, McAfee SiteAdvisor, and more.
Adjust your monitoring
1. To adjust monitoring and frequency, navigate to the Media Temple Security dashboard and click on Settings for the domain that you'd like to adjust.
2. Toggle the On/Off switch to activate or deactivate monitoring. Use the drop-down menus in the middle to adjust intervals.
Creating a Malware Removal Request
Malware remediation is a core function of what (mt) Security Pack offers. To initiate the support request, you will need to submit a ticket so that our analysts can take appropriate actions.
(mt) Security Pack periodically scans your sites for malware. If there's a problem, we'll alert you via your security dashboard and a weekly emailed report. You also have the option to open a support request for any security-related concerns that you may have.
Instructions
1. Log into your Media Temple Account Center and click on your Security Dashboard. Then click on the panel of the affected domain.
2. Click on Cleanup Now.
3. Fill out the Malware Removal Request form. The drop-down menu allows you to pick from several different options, including "Received an alert from monitoring."
4. Your malware removal request has been submitted. Please allow up to 24-72 hours for this request to be processed. If you have any specific questions or comments, you can add them to your ticket using the Add Comment feature.
Your request will be accompanied by necessary information about your server which is automatically generated. If you are concerned about any of the credential fields, please add a comment to the ticket.
FTP/SFTP host: This is the name of the server that we will need to connect to.
Username: The username we'll use to log into the server.
Password: The password associated with the username.
Connection Port: Depending on your server, you might have different port configurations we need to use. By Default, we'll try port 21 for FTP and 22 for SFTP. If you have a unique configuration, we encourage you to add it here so that we can quickly connect.
Site Directory: This is the path to your website's files.
WAF & CDN
The (mt) CDN WAF bundles the best of an IDS (Intrusion Detection System) with a WAF (Web Application Firewall) to provide the protection required against today's threats and attacks. It runs on top of our high-performance Anycast network infrastructure, giving you a CDN and website acceleration with one solution.
Some of the key features that we offer are:
- Easy to enable and manage
- Direct access to our support team to help with Firewall configuration
- Protection against SQL Injections, XSS, RCE, RFU and all known-attacks
- Virtual patching and hardening to improve your security posture
- Full DDoS protection
- Brute force protection
- Kicks out malicious bots and vulnerability scanners from going after your site
- Website Acceleration, caching and CDN. Yes, it will make your site faster
Important:
The CDN & WAF service only allow connections on ports 80 and 443. Some services, such as the Plesk admin panel or cPanel, are commonly accessed via a different port. To access those services, you can use your Access Domain, or navigate directly to the IP of that service.
1. To enable your (mt) Security CDN & WAF, log into your Media Temple account and click on Security Dashboard. Any domains that do not have an active firewall will have a message indiciating the firewall status.
2. Click on the Firewall tab at the top of the screen. Navigate to the desired domain and click Settings.
3. Click on Firewall Status and then click Enabled. Save the new configuration.
4. If your DNS is managed by Media Temple, you now simply need to wait 24 hours for DNS propagation, after which time your firewall and CDN should be working properly. After propagation, your dashboard will display a green "Service is Activated" banner in the Firewall management section of the domain.
If your DNS is managed elsewhere, please continue to step 5.
5. For your domain to make use of your CDN & WAF, your domain's A-record must point at the firewall IP. Domains with DNS that is managed at Media Temple will have their settings adjusted automatically. If your DNS is elsewhere, you must manually point the domain's A-record at the Firewall's IP address. The address that you need is listed in the panel of each domain under the Firewall tab.
- The example below has a Firewall IP of 192.124.249.65. The domain's A-record must be pointed at this address to use the CDN & WAF service.
6. Once you have made the update, wait 24 hours for DNS propagation and check the status of your firewall via the security dashboard. After propagation, your dashboard will display a green "Service is Activated" banner in the Firewall management section of the domain.
Additional features
Once you have enabled the Firewall, you will have a multitude of additional features included to help secure your website:
- Overview: View information such as your hosting IP or firewall IP.
- Overview (Global): View overall settings of your firewall.
- Hosting IP Addresses: If your site runs on multiple servers.
- Failover Server Timeout: Adjust timeframe the system believes the server is unhealthy.
- Maximum Upload Size: Control the allowed size of uploads through the firewall.
- Domain Alias: Allows you to add alias domains to be redirected via 301 to your site.
- Content Delivery Network (CDN): If you wish to have additional CDNs outside the built-in CDN/WAF.
- Access Control: Whitelist/Blacklist IPs, URLs, block User-agents, protect pages, enabling geo blocking.
- Security: Enable DDoS protection, block proxies, adjust security level, etc.
- HTTPS/SSL: View your SSL, adjust HTTPs, or upload a custom certificate.
- Performance: Adjust caching, clear cache, etc.
- API: View API of the above options.
Sucuri Security Plugin
In addition to the (mt) Security Pack / CDN & WAF features available in your Media Temple account, Wordpress sites also have access to the Sucuri Security Plugin. A popular feature available with this plugin, is the ability to clear the cache when a post or page is updated.
- Ensure that you've enabled the Firewall.
- While still in the Firewall section of the (mt) Security Pack / CDN & WAF, scroll to the bottom of the page and click API.
- Copy the API Key (for plugin), as we will need this information later.
- Log into your site's WordPress Admin Dashboard.
- Install and activate the Sucuri Security Plugin.
- Locate the Sucuri Plugin in the sidebar. Then click Firewall (WAF).
-
Paste the API Key (for plugin) we found in Step 3. Then click Save.
- Click on the Clear Cache tab.
- Enable the option to Clear cache when a post or page is updated.
- That's it! Your site's cache should now clear when a post or page is updated.
As always, if you have any trouble with these features or want to ask questions, please feel free to reach out to our award-winning 24/7 support.
