About vulnerabilities
At myASP.NET, security is very important to us. We make every effort to secure our servers at the operating system and networking level. However, individual customer accounts sometimes contain software vulnerabilities that expose them to attack.
Over the past few years, there has been a significant increase in the number of attempts to compromise our customers' sites. The majority of these attempts are broad in scope and automated, rather than focused attacks on a specific site.
Hackers and spammers are the main perpetrators of these attacks. They want to take over vulnerable websites to send spam, distribute malware, or incorporate the hosting account into a botnet and launch attacks on other sites and servers.
Software vulnerabilities are the gateway that allows malicious actors to gain access to an underlying hosting account.
Why vulnerabilities exist
Many customers use a content management system (CMS) or blogging application, such as WordPress or Drupal. Many others use an e-commerce application, such as Magento or PrestaShop. Any software program of significant size contains bugs, and web applications are no exception.
Malicious actors are constantly looking for vulnerabilities to exploit these popular web applications. Similarly, the developers of these applications are constantly providing security patches to fix vulnerabilities. As a result, there is a constant race between application developers and malicious actors—one side wants to keep their applications secure, while the other side wants to compromise those same applications for nefarious purposes.
What you can do to protect your account
You play a major part in ensuring that your site remains as secure as possible. The most important thing you can do is regularly update any web applications you use (such as WordPress, Joomla, and Drupal). Doing so ensures that your site has the latest security patches.
When a software vulnerability is discovered, malicious actors immediately begin searching the internet for sites that use the affected application. The sooner you can update your site, the less chance that someone will be able to exploit a vulnerability and compromise your account.
What myASP.NET does to protect your account
As mentioned previously, we provide security at the server level. This means we ensure the operating system is up to date with the latest security patches, and we proactively monitor network connections and performance. And we have Antivirus installed on all our machines. Besides, we have Site Guard(IIS module) to filter bad requests.