How to use the Security Pack / (mt) CDN & WAF


  • Applies to: All Service Types
    • Difficulty: Easy
    • Time Needed: 10
    • Tools Required: None

Overview

This article shows you how to configure basic features of Media Temple Security. This new security suite makes it very easy to protect your sites from malware, blacklists, and other malicious activity. The Media Temple Security Firewall & CDN service will also increase site loading speeds.  

Purchase Media Temple Security via our Security Packs

Adding and Removing Monitored Sites

Adding Sites

Adding and Removing sites is a simple process that's managed via the Security Dashboard. 

1. After purchasing Media Temple Security, log into your Account Center and click on Security Dashboard.

sucuri_1.png

2. Click on Add Site. 

security_add_site.png

3. Add your sites for monitoring, one site per line. Adding a site automatically ques it for a total scan, which will complete within 12 hours. 

security_10.png

Removing Sites

1. log into your Account Center and click on Security Dashboard.

sucuri_1.png

2. Click on Settings for the domain that you'd like to remove. 

security_2.png

3. Click on Remove Website and confirm. 

security_3.png

Monitoring Types and Frequency

Media Temple has highly effective scanners that identify infections, potentially harmful signatures on websites and also code anomalies that may not be known. We offer many types of monitoring, such as Malware, SSL, DNS, and Blacklisting scans.

Malware Monitoring

Our Malware Monitoring identifies obfuscated javascript injections, cross-site scripting, website defacements, hidden & malicious iframes, PHP mailers, phishing attempts, malicious redirects, backdoors, anomalies, drive-by-downloads, social engineering attacks, SEO blackhat spam, pharma hacks, conditional redirects and mobile redirects.

SSL Monitoring

An SSL (Secure Socket Layer) is a certificate on the website that allows for the safe passage of information from the client to the host server via encryption. If your site uses an SSL certificate, it is essential to know the status of the certificate to keep your customer’s identification information safe.

It's rare that your SSL certificate will change, but if it does, you will be alerted to any changes via email.

DNS Monitoring

DNS is a protocol used by computers to communicate. It turns a website’s name (somesite.com, for example) into an internet protocol (IP) address like 123.45.567.891. The name provided by DNS is what we use as humans to read the website name; the IP is what the computers use to communicate.

This monitoring option will monitor the IP address of your website, nameservers and MX records. It’s rare for this information to change, but if it does, we will notify you.

Blacklist Monitoring

Our monitoring automatically checks blacklist APIs and ensures you’ll know when your site is hacked and blacklisted by Sucuri, Google, Norton, AVG, Phish Tank, McAfee SiteAdvisor, and more.

Adjust your monitoring 

1. To adjust monitoring and frequency, navigate to the Media Temple Security dashboard and click on Settings for the domain that you'd like to adjust.

security_5.png

2. Toggle the On/Off switch to activate or deactivate monitoring. Use the drop-down menus in the middle to adjust intervals. 

security_6.png

Creating a Malware Removal Request

Malware remediation is a core function of what Media Temple Security offers. To initiate the support request, you will need to submit a ticket so that our analysts can take appropriate actions.

Media Temple Security periodically scans your sites for malware. If there's a problem, we'll alert you via your security dashboard and a weekly emailed report. You also have the option to open a Media Temple Security support request for any security-related concerns that you may have. 

Instructions

1. Log into your Media Temple AC and click on your Security Dashboard. Then click on the panel of the affected domain. 

security_7.png 

2. Click on Cleanup Now. 

security_8.png

3. Fill out the Malware Removal Request form. The drop-down menu allows you to pick from several different options, including "Received an alert from monitoring."

security_9.png

4. Your malware removal request has been submitted. Please allow up to 12 hours for this request to be processed. If you have any specific questions or comments, you can add them to your ticket using the Add Comment feature. 

Your request will be accompanied by necessary information about your server which is automatically generated. If you are concerned about any of the credential fields, please add a comment to the ticket. 

FTP/SFTP host: This is the name of the server that we will need to connect to.

Username: The username we'll use to log into the server. 

Password: The password associated with the username.

Connection Port: Depending on your server, you might have different port configurations we need to use. By Default, we'll try port 21 for FTP and 22 for SFTP. If you have a unique configuration, we encourage you to add it here so that we can quickly connect. 

Site Directory: This is the path to your website's files. 

Firewall & CDN

The Media Temple Security Firewall bundles the best of a WAF (Web Application Firewall) and an IDS (Intrusion Detection System) to provide the protection required against today's threats and attacks. It runs on top of our high-performance Anycast network infrastructure, giving you a CDN and website acceleration with one solution.

Some of the key features that we offer are:

  • Easy to enable and manage
  • Direct access to our support team to help with Firewall configuration
  • Protection against SQL Injections, XSS, RCE, RFU and all known-attacks
  • Virtual patching and hardening to improve your security posture
  • Full DDoS protection
  • Brute force protection
  • Kicks out malicious bots and vulnerability scanners from going after your site
  • Website Acceleration, caching and CDN. Yes, it will make your site faster

Important:
The Firewall & CDN service only allow connections on ports 80 and 443. Some services, such as the Plesk admin panel or cPanel, are commonly accessed via a different port. To access those services, you can use your Access Domain, or navigate directly to the IP of that service. 

 1. To enable your Media Temple Security Firewall and CDN, log into your Media Temple AC and click on Security Dashboard. Any domains that do not have an active firewall will have it listed under Next Steps.

security_11.png

2. Click on the Firewall tab at the top of the screen. Domains with improperly configured or disabled firewalls are shown in orange. Click on the domain that you'd like to use. 

security_14.png

3. Click on Firewall Status and then click Enabled. Save the new configuration.  

security_15.png

4. If your DNS is managed by Media Temple, you now simply need to wait 24 hours for DNS propagation, after which time your firewall and CDN should be working properly. After propagation, your dashboard will display a green "Service is Activated" banner in the Firewall management section of the domain.

If your DNS is managed elsewhere, please continue to step 5.

security_16.png

5. For your domain to make use of your Firewall and CDN, your domain's A-record must point at the firewall IP. Domains with DNS that is managed at Media Temple will have their settings adjusted automatically. If your DNS is elsewhere, you must manually point the domain's A-record at the Firewall's IP address. The address that you need is listed in the panel of each domain under the Firewall tab.

  • The example below has a Firewall IP of 192.124.249.65. The domain's A-record must be pointed at this address to use the Firewall and CDN service. 

security_17.png

6. Once you have made the update, wait 24 hours for DNS propagation and check the status of your firewall via the security dashboard. After propagation, your dashboard will display a green "Service is Activated" banner in the Firewall management section of the domain.

security_16.png 

As always, if you have any trouble with these features or want to ask questions, please feel free to reach out to our award-winning 24/7 support

Resources

DNS Explained
Premium Security Pack