Web service protection

Web Features

  • Real-Time Web Service Protection (Apache)
  • Real-Time Web Bot Detection
  • Client Fingerprinting and Automated DDoS Protection
  • Login Protection
  • Shared Login Protection w/ ISP resolve
  • Spam Protection
  • SQL Injection Protection
  • Real-time Web Malware Protection - Stops Execution
  • Web File Upload Malware Protection
  • Blocks business intelligence automation used by your competitors with automatic scan removal request from source.
Get Started

Key capabilities

Easy to Deploy - We do it for you!

Schedule your install today. We'll even install your trial. If you wish to install yourself just simply execute a script on your server and our technology takes care of the rest. For custom environments a configuration file will need to be integrated in your web server. Simple enough.

Real Enterprise Login Protection

Nearly every membership program has a few accounts publicly being used by thousands of people daily. Webiron takes login protection to a whole new level. We block applications designed to trick your system and brute force your passwords. In the event your customer's password is stolen or shared we take care of that too and even punish those attempting to steal from you. 

Top features

  • Works with both basic HTTP and form authentication and is compatible with any web application.
  • We take heavy theft users our of the game for good by working with offenders ISPs to take real action.
  • Stops harvesting and password theft before your customers end up on password share sites.
  • We detect the automation used rather than using extremely oudated methods used elsewhere.
  • Automated reporting to your support (or email support queue) when an account is found to be shared.
  • Automated public password sharing notifications to your support (or email support queue).
  • Automated local script execution for automated customer password changes and notification.
  • Configurable redirect URL to allow for special offers or custom support messages.
  • Each hit is tracked independantly allowing for smoother escalation and decalation.
  • Increase membership signup by closing holes.
  • Decrease bandwith costs due to theft.

Stop Automation Attacks

We are all familiar with identifying a computer by its IP address. We can easily control the flow of traffic using these numbers.  This staple method for controlling firewalls (both hardware devices and software), network devices, intrusion detection systems have worked well for years. Then Malware infections started happening in record numbers.

Bot networks have grown into the millions, attacking at very low rates. Keeping track of them all is nearly impossible so quite a lot gets through to the end. This is where Webiron shines. Webiron does not rely on network data to control bot networks. We’ve developed methods to fingerprint the requesting application and reliably use a single hash to identify the millions of nodes within a bot network.


Stop Bot Attacks

Our proactive methodologies (tied to real-time heuristic algorithms) help us automatically detect threats within seconds and make the entire bot network ineffective. Once a bot network is detected, the network is automatically stopped throughout the entire Webiron community within minutes. This means that once any of the millions of nodes within a bot network moves to your enterprise it’s rejected and handled automatically 24/7/365.


Stops Malware In Its Tracks

Webiron’s ‘real-time’ protection renders website malware useless so you don’t have to scan as often to be protected. Webiron scans web applications in real-time before they are executed and we have the ability to automatically clean or remove the malware file. These actions remove the threat of active malware and the need to scan as often. Once a new piece of malware is detected, the malware becomes immune upon execution and shared (spread) throughout the Webiron community.


Prevent Spam Attacks

Website spam has become the number one problem in hosting environments. Spam drastically drains CPU resources on your systems, cripples database servers, clogs networks, and costs a lot to store. Of all problems in hosting, spam is responsible for most overall performance loss than any other issue.

Some large hosting environments store nearly a terabyte of spam every single day. When the attack stops, the problem still remains. It’s very tough to clean up and can generate millions in ongoing costs for more hardware, employees and lost revenue from unhappy customers. Webiron identifies Spam related bot networks and within minutes of detection, the networks are globally stopped.


Prevent SQL Injection Attacks

SQL Injection attacks are challenging to spot and generally allow an attacker to store, modify or change the output of data against your data. This allows attackers (for instance) to add a new user or change the displayed data on the page. Webiron’s technology looks for such activity and stops it before it can cause damage to your enterprise.


Filling the Holes A/V Software Leaves Behind

Most A/V companies do a good job protecting personal computers, however they are not designed to protect web servers. Most AV software does not decode the embedded code where most malware code injections live or can handle the most basic of backdoor methods.

Webiron technology scans web applications in real-time looking for known malware methods, vulnerabilities, and hack attempts. We also handle embedded code forensics and clean the malware infection automatically once detected. Newly uploaded files are scanned looking for vulnerability test tokens and fresh malware. Once detected the entire Webiron community becomes immune from execution within minutes. Vulnerability test tokens are then handed over to the backend bot network tracking system to block and track the entire bot network from protected systems.


Malware Scanning

The security industry as a whole still relies on the ‘Detect it’, ‘write a scan signature for it’, ‘update the scan software’, and ‘scan the drives for it’ model.

Why it's inefective:

  • Very slow to protect
  • Purely reactive
  • Requires time to process all of the data
  • Can take months to do a single scan in large environments
  • Time delayed on live content if standby filers are used.
  • New malware just replaces the old.

Scanning itself can be a simple DDoS hurting performance!
In today’s hosting and front of site enterprises, hardware is spread pretty thin to save on costs. Scanning against live content can hurt the delicate service balance and greatly affect performance. In a cloud per hour instance the usage can be costly.

Webiron takes a different approach to custom web application protection that makes all the difference. We are able to detect new malware very quickly. Our community approach means that once detected anywhere within our community the malware is made completely inert everywhere our software is installed within minutes.

Webiron’s real-protection renders website malware useless so you don’t have to scan as often to be protected.
Webiron takes a different approach custom to web application protection that makes all the difference. We are able to detect new malware very quickly. Our community approach means that once detected anywhere within our community the malware is made completely inert everywhere our software is installed within minutes.

Webiron scans web applications in real-time before they get executed and has the ability to automatically clean or remove the malware file(requires Webiron A/V). This removes the threat of active malware and the need to scan as often. Scanning is still recommended using our malware scanner to clean up existing inactive malware (requires Webiron A/V). Once a new piece of malware is detected it becomes immune upon execution and spreads throughout the Webiron community.

Malware scanning does not stop new infections
With new infections still happening while scanning is done you never get ahead of the issue. Malware can be around for months waiting on scanning in some large environments.

Webiron inspects new content in real-time as it is uploaded into the system to automatically remove new malware as it enters your network. Injections such as malware, phishing, and SEO code injections are also detected.


Detects & Blocks Content Based Vulnerabilities

We ensure the accuracy of uploaded content by negating malware attempting to exploit content based vulnerabilities. Many of the most well known issues with CMS sites (Wordpress, Joomla, etc) have been related to vulnerabilities in additions to the software that handle media. Webiron ensures uploaded content is as it's advertised, blocking the ability for attackers to exploit such vulnerabilities. This means you're secure from issues found in the future.


Spend Less Time on Your Forensics

Webiron gives you all the data you need to research what an attack attempted to do, the impact of the breach, identify malware for easy cleanup and to follow trends (the who, what, where, why and when).

Our dashboard provides visibility into the attacks against your environment as they happen. We also give you the flexibility to view full enterprise (or single server) levels allowing you to easily navigate and view your attack data.


 

Make your server safe in 5 minutes

© 2015 WebIron - All rights reserved

Member Login