Protecting your websites & our servers

Techno Joy has always gone that extra mile when it comes to security of both our customers' websites as well as our servers. We'll go as far to say that there are probably no other hosting providers in New Zealand who do what we do!

The internet can be a very dark place. Hackers account only for a very small percentage of internet users, but they do account for a significant amount of internet traffic. They are also responsible for a lot of damage to websites, digital infrastructure, and can do serious harm to businesses.

In April 2016, Google announced that it had detected 761,000 hacked websites in one year between July 2014 and June, 2015, and these are just the ones they detected (there will be many more)!

Why do hackers hack websites?

There are many reasons, including:

  1. Stealing user information - this can then be sold
  2. Hosting illegal/objectionable content on your website
  3. Search Engine Optimisation - creating links from your website to theirs
  4. Using your website to send spam
  5. Spreading malware (eg: trojans, viruses, and other bad stuff)
  6. To use your site for other attacks - your website can become part of what is known as a botnet, a so-called army of rogue websites used to simultaneously attack other websites
  7. Rent access to your server - if they manage to gain access to the server hosting it

So what does Techno Joy do to protect their customers and servers?

We take security very seriously. All our websites sit behind a "Web Application Firewall" (WAF) which scans all traffic coming in and going out from our servers. Every website request (and the machine requesting it) are checked against multiple databases of known exploits and "abuse IP addresses" (known to send spam, hack websites etc), and each request is also checked for suspicious activity. Connections that are either detected as suspicious, or suspicious activity on your website is automatically blocked, and depending on the situation, the person (or machine) connecting is either asked for "human verification" (automated) before they can proceed, or entirely blocked.

This has prevented a huge number of full-blown attacks on some our our customers' websites which could have potentially led to compromised/hacked websites, or overloading our web servers with a surge of attacks (which in turn would affect all the other websites on that particular server).

To give you an example, during a period in August 2019 we collected some statistics. We took a total of 2.3 million filtered requests (through our WAF) including good and bad, and counted the different totals.

Statistics for 2.3 million filtered requests

Below is a snapshot of 2.3 million filtered requests, including good and bad.

Filtered requests Total Percent
Filtered requests (all / total) 2,305,576 100%
Human verification challenges 34,115 1.48%
Human verification challenges Verified (percentage of challenges) 107 0.3%
Blocked requests (percentage of all requests) 2,050 0.08%

So whilst only approximately (in this snapshot) 1.5% of requests are bad, it is worth noting that the firewall successfully mitigated almost 35 thousand malicious attempts to hack our customers' websites. This figure would have likely been a lot higher had we not been blocking their attempts, as several types of botnets give up after a while when they realise they simply do not have access.

Protecting your websites

Our web application firewall is not our only line of defence either, however it is one of our main weapons for protecting your websites.

Every day your websites and databases are backed up and stored remotely for at least three months, and we physically go through each backup log ever day to spot any potential unauthorised (or suspicious) changes. If we spot anything, we investigate. We are proud to say that, to date, all our hosted websites are safe & sound.

Does this mean your website is 100% safe?

Nobody can ever make that kind of statement or guarantee. Hackers are always very creative in finding new exploits of popular software. Fortunately the vast majority of our website hosting clients don't run the same software as those that absolutely dominated the list of 761,00 hacked websites (such as WordPress which accounted for half, Joomla and Drupal), and these automated attacks target these three most of the time. Nevertheless, regardless what software your website runs, our web application firewall still shields off these types of attacks.

For those running platforms such as WordPress, you should still regularly update your software as each release includes fixes for exploited vulnerabilities!

Contact us about secure website hosting

Our services

Website design

A professional design by a professional designer. Each website we design has a unique "look" to impress and match the business.

Website development

Our websites are programmed to your exact requirements so that you get everything you need. Integrating the award-winning Silverstripe CMS, we provide you with the tools for the job.

Silverstripe development

Techno Joy specialises in Silverstripe development, building all kinds of websites from simple brochure websites to complex solutions.

Web hosting & domains

We provide fully supported domain hosting, email hosting, and website hosting for your business, from right within New Zealand, so no delays to access your website.

IT & web consulting

Are you looking for an online solution for your business or do you just need advise? A significant portion of our time is spent advising our clients, and we do it gladly.

Websites for artists

We created Artist Net to link New Zealand artists and provide them with a very affordable & easy-to-use solution to get their artwork online.

Techno Joy 2004 - 2024 // Hawke's Bay Web Developers