Recognition Scheme of Cybersecurity Assessment Providers

BNShosting.Net is now a part of the Security and Protection Assessment by DICT in Recognizing Cybersecurity Assessment Providers.

DICT recognized Bitstop Network Services Inc. as a Cybersecurity Assessment Provider (ISMS) effective 3rd June 2022 and that Bitstop Network Services Inc., will now be included in the DICT-Recognized Cybersecurity Assessment Providers listed in the DICT website.

https://dict.gov.ph/recognition-scheme-cybersecurity-assessment-providers/

How to survive a DDoS attack

A DDoS attack is an attack that targets a website. It works by flooding the target website with bogus traffic. By doing this, the attackers are able to “flood” and disrupt the service. This makes it unavailable for legitimate users. The impact of such an attack can be significant. It can lead to prolonged downtime, lost revenue, and dissatisfied customers.

The most important step in dealing with DDoS is to be prepared. This is what you do BEFORE the attack is launched. Identify the potential targets: assets, including servers, applications, and services. Then, you need to determine what effect the outage will have on your customers and users. The cost of an outage is your justification for budgets to fund your countermeasures. Create an incident response playbook.

Preparation Step 1

Have you done capacity planning? How many concurrent visitors can your existing setup handle? Would it make sense to add more memory, CPUs, bandwidth and faster SSD to your storage? Have you optimized your current code so that more visitors can be served? Do you have SNMP monitoring and alerts? Did you enable firewall, web and event logging? It is also important to set up security policies to protect sensitive data. Are all your systems fully updated and patched?

Preparation Step 2

Have you hardened your defenses yet? Did you update your rules for Intrusion protection and detection systems? These are your first line of defense. The attacks that gets past your first line of defense can be stopped by a second line. This is your Web Application Firewall (WAF/modsec). The combination usually is enough to filter out a lot of unwanted traffic.

The key point is to filter out unwanted traffic. You need to create a filter that allows legitimate traffic and discards illegitimate traffic. But understand that it is still no defense against a flood of traffic that is 100X what the server is setup to handle.

Preparation Step 3

Notice that hackers concentrate their DDoS ‘firepower’ onto a target. You can force hackers to spread out their attacks by adding more webservers. You can use Content distribution Networks — CDNs Like CloudFlare, Google’s Project Shield, AWS Shield, Akamai to name but a few.

These CDNs not only provide more bandwidth but also diffuse the DDoS’ impact. The attacks are now spread across several locations. This is like the classic Colonel Blotto Game. It boils down to a matter of forcing your opponents to commit more resources. You do this by opening more ‘fronts’ in the battlefield. The CDN is one way to force the DDoS to attack multiple fronts — instead of just one.

Preparation Step 4

Have you considered a paradigm shift? An out of the box solution should consider the power of distributed web. Rather than a single source of web files, think of using a bit torrent like solution, where the web files sit on multitudes of PCs. The CDN killer app is Brave (browser) + IPFS.

You need to quickly identify the source of the problem. Your SNMP Monitoring can quickly zero in on the asset/s being attacked. You need to notify your customers as soon as you notice that they’re being attacked. It’s important that everyone is aware of the potential risk.

Your web and firewall log files come in handy to identify the assets that are impacted. You can use this data to see whether your customers are seeing a difference in service quality. Find out the Who, When, How of the attacks. And then respond accordingly.

Post Mortem

Hold a “Lessons Learned” after the attack and update your incident response playbook. How can your response teams react faster? Got more to add? Please share your thoughts.

 

 

 

WordPress Secured Hosting – What to Look For in a Secure WordPress Hosting Provider

Finding a WordPress Secured hosting service is an art. You need a service that combines rock-solid reliability with high security standards without breaking the bank. Here are some things to look for in a WordPress Secured hosting provider.

First, you should make sure that your host has proactive firewalls and daily malware scans. Second, you should ensure that your website is protected with SSL certificates. This secure technology encrypts all communication between web browsers and your site.

You also need to control the access to various technical areas, including the database and admin panel. You can make sure that the hosting provider controls this access by clearly stating the policies of its website owners. For example, you can control who has access to the WP-admin area. If the site administrator needs to modify any passwords, you can change the access path to the admin panel. By doing so, hackers will not be able to see the information on your site.

Moreover, you should also track the activities in the admin area. This is important to detect any malicious actions that may be performed by users on your site. If you have more than one user, you should consider using WP Activity Log. This feature lets you view all changes made to several areas of your website. It logs new files, deleted files, and any modifications to any file. This feature is essential for keeping your website secure.

The most secure WordPress hosts have two-factor authentication to prevent hackers from accessing your site with just their credentials. Some of them even offer automatic backups to ensure the safety of your data. You should also check out the customer reviews to make sure that they offer a high level of security. Then, sign up for a WordPress Secured hosting service. Keep in mind that most Web hosts offer WordPress services for free. However, it is important to remember that a secure hosting solution should not come cheap.

The best WordPress Secured hosting services should have an additional protection for your website.Wordfence is an effective plugin that monitors your WordPress installation activity. It records any changes and new files. It is also free to download. Furthermore, the software is free to use. In addition, Wordfence Security is a powerful WordPress plugin that alerts you to potential security issues. It is also compatible with the WP core. Having Wordfence installed on your website will increase protection of your content from malware.

While WordPress is an open source system, security vulnerabilities can still be present. This means that you need to keep up with the latest updates of the software to stay safe. It is also important to upgrade to the latest version of your server to avoid being hacked. Regular updates will keep your website secure. The security of your website is paramount, so you should choose a WordPress Secured hosting provider that provides the highest levels of security.

 

How to Optimize Your Moodle Server

How to optmize your moodle learning management systemTo increase the performance of your Moodle site, there are a number of ways to optimize your server. You should avoid enabling multiple filters, because this can increase the server’s load. Instead, consolidate features into smaller plugins and turn off filters that are rarely used. A great example is the Multi-Embed filter. It allows you to embed content from third-party websites and services and converts the URL into an embedded format.

To optimize your server, first, create a baseline benchmark. You can measure the performance of your system by looking at how long it takes to load a page. If the page is taking too long to load, try to decrease the number of sections that appear on a page. The smaller the pages are, the less RAM they take up, so this will increase your server’s performance. If you’re worried about RAM usage, you can use folders and core activities.

You should also make sure that your server can handle the load. Moodle requires a good amount of RAM and disk space. In addition, your host and browser must be high-performing. You should monitor the performance of each of these components monthly. If you don’t manage to achieve this, you might need to purchase a new computer. If you’re using Moodle on a server, the best way to optimize it is to purchase a powerful computer and upgrade it if necessary.

Why Your Website Needs to keep a Traffic Log

Why your websites traffic logs should be kept

 

 

 

 

 

 

 

 

 

Keeping a traffic log is vital for your website. They can give you a detailed look at how visitors find your website. The most useful logs can help you block malicious IP addresses and improve your website’s performance. These logs are typically enormous and contain a lot of juicy information. But why keep them? Let’s take a closer look. Here are some reasons. Read on to learn more!

Traffic logs provide valuable information on what pages are most popular. Web servers record every request for a web page. They can also be used to determine the popularity of a website. They can help you determine which pages are the most popular. In addition to the traffic logs, you can see how many visitors came back to your website on different days. Keeping a traffic log can help you improve the site’s performance.

Monitoring website logs can help you improve your customer experience. This information is vital to improving your product and your service. You’ll be able to determine which pages are most popular and what search terms are generating them. You can also take action based on your insights. It can help you create better content and boost your sales. You’ll know if you’re on the right track with your website.

A traffic log is very useful when you’re trying to diagnose problems with your website. It allows you to spot issues and fix them immediately. A good log management solution can help you monitor logs for more than just performance problems. They can also improve the stability of web applications. Commercial solutions typically have more advanced features. Papertrail has a lifetime free trial. You can switch to a more expensive plan if you need more features.

The most common reason for keeping traffic logs is to prevent malicious activity on your website. If you can detect a threat before it occurs, you can make changes and prevent it from happening again. Even a single visitor can exploit a website’s security. Therefore, a log is invaluable for your website’s security. There are many advantages to using a log management tool like Papertrail.

Google Analytics provides a user-friendly interface and easy-to-use reports. However, you can also use these reports to identify the specific source of your website’s traffic. If you’re trying to improve one particular page, you can also use a universal analytics tool that can show you which pages are getting the most traffic. In the long run, a traffic log will be the most valuable source of revenue for your website.

How to Secure Your Server Against Log4J Attacks

How to secure your server against Log4J attacks

The most important thing that you need to do is to patch your system as soon as possible. If you’re not using Log4J, you can use mitigations or drop the software completely. The attack has been traced to a vulnerability in Log4j, a library that allows outsiders to see internal logs of applications. While this is a common issue, it is also very serious and requires immediate action.

The Apache Foundation has outlined mitigation techniques for securing Log4J. These techniques involve disabling the JndiLookup class and deleting the system’s log4j2.formatMsgNoLookups background variable. If these measures don’t work, you can also install security solutions on your server. These solutions are designed to detect and prevent malicious code. This article will discuss how to secure your server against a Log4J attack.

You can also install an outgoing firewall rule to prevent attackers from exploiting this vulnerability. You can also block incoming connections through your firewall. However, you must remember that this solution is not foolproof. In addition, it is intrusive and prone to errors. That’s why it’s important to implement outgoing firewall rules to protect your server against Log4J attacks. And if you’re not comfortable doing this, you can simply remove the jar files. Then, you can install the required patches and keep your server protected.

How to Optimize Maria SQL for Websites

How to Optimize Maria SQL for websites

The first step in optimizing your MySQL server is to make sure it is using a secure connection, preferably HTTPS. This is important for your site’s security as well as for your website’s performance. You can optimize your server to run as fast as possible by ensuring it uses a secure connection. Once you have the right database server, you can begin working on your website. Here are some tips to optimize Maria SQL for your site.

First, make sure you’re using appropriate monitoring tools for your MariaDB database. There are many free tools available, including ClusterControl. This tool offers performance advisors, alarms, and alerts for MariaDB. Besides, it’s open source. If you’re planning to use the database for a large website, you should consider increasing the threadpool variable to a higher value. Once you’ve done that, you should increase your backlog to a minimum of 100MB and then add a new one for each table partition.

To make your MariaDB database run faster, you should allocate at least one KB of memory for each table. For best performance, allocate 1 KB per MB of memory. Alternatively, use mrr_buffer_size to make your tables larger. By adjusting the maximum heap size, you’ll be able to get a better performance. After all, you should always have a spare tire for your databases.

National Cyber Drill 2021

REGISTER HERE:

Day 1 (November 24, 2021 ): National Cyber Drill 2021 (Day 1)

Day 2 (November 25, 2021): National Cyber Drill 2021 (Day 2) 

The Department of Information and Communications Technology (DICT)-Cybersecurity Bureau will be conducting the fourth leg of its annual National Cyber Drill Exercise on 24 to 25 November 2021, with the theme, “Cybersecurity Starts with You: Building a CyberSecured Society.”

The conduct of this activity is part of the mandate of the Philippines National Computer Emergency Response Team (CERT-PH) as stated in the DICT Department Circular 003 series of 2020.

Through the CERT-PH initiative, this year’s cyber drill will focus on enhancing public awareness and assessing the public’s perspective on cybersecurity and their capacity to protect themselves from cyber threats and cyberattacks.

CERT-PH believes that a more holistic and inclusive approach in implementing the annual cyber drill is a step forward to creating a more proactive approach in addressing various cybersecurity threats in the country.

The two-day exercise will include a series of activities that will help assess and improve the participating organizations and individuals’ incident response capabilities to mitigate cybersecurity risks.

The first drill, conducted on the first day of the two-day activity, will be open to the public regardless of their age and background. The primary purpose of this activity is to make the public more involved to develop a better understanding of cybersecurity as a public concern.

On the other hand, the second part will cater to individuals and organizations with advanced cybersecurity knowledge. Like the previous years, the drill will also include simulations of cyberattacks and IT security incidents to test the participants’ readiness and capabilities to respond to various risks and threats. 

CERT-PH highlighted that familiarity with the given situations would strengthen each participants’ preparedness in solving issues relating to cybersecurity. This approach will also help them better understand how to handle the incidents in a specific case and be part of the cyber solution.

Participants who wish to be part of the National Cyber Drill  2021 will have to register separately for the two-day event.

Registration is OPEN from November 5 until November 17, 2021
This is a FREE event. E-Certificates will be provided upon completion of the drill.


For inquiries, send us an email to drill.cert-ph@dict.gov.ph