Velodata’s Blackhole Cyber Security software vigorously defends WordPress against hacker attacks, spam, and malware. It is both blazingly fast and ultra light by design.
OUR APPROACH
The Blackhole software blocks malicious website hits before they reach your WordPress engine. And it’s free!
How does it work? Well, the Velodata Blackhole system is NOT a WordPress plugin. It’s a PHP prepend service which lives half way between your Web Server and your WordPress engine. It protects both your WordPress website and other assets like PHPMyAdmin. Indeed, with a bit of programming knowledge Velodata can protect any website written in PHP.
Our Blackhole software intercepts and scans every request which would normally reach your WordPress engine. And it’s fast too. Less than 4 milliseconds per scan, on average. If an incoming request triggers a ‘fail’, Velodata can either deflect the request into the “blackhole”, or if you’d prefer, it can ban a malicious IP address at the Operating System Firewall level.
The best part is you’re in control. You’re able to configure the blackhole.ini file in such a way that some ‘fail triggers’ merely go into the blackhole, whereas others get banned at the Firewall level. You can receive emails in real time when malicious actors get banned. You can also choose to notify hackers why they’ve been banned, or you can specify they get nothing but silence.
Using Cloudflare? Not a problem. Enable the Cloudflare option, quote your API Key and we can use the Cloudflare API to ban malicious IP address blocks in Cloudflare. You can learn how to get the most out of the Velodata Blackhole system by reading the Fine Tuning Guide.
The Velodata Blackhole software performs the following roles….
- Substantially reduces webserver CPU consumption.
- Identifies and deflects/bans hacking attempts.
- Identifies and deflects/bans Bad Scraping Robots.
- Identifies and deflects/bans unathorised WordPress and PHPMyAdmin login attempts.
- Identifies and deflects/bans Hot Linking by unauthorised users.
- Uses a "self learning" algorithm to identify phishing attempts in real time.
- Instantly responds to Denial of Service attacks in real time.
Download
Standalone PHP version, last updated: 2021/12/25
OUR APPROACH
Why is it better to dynamically ban malicious IP addresses at the Firewall level rather than letting WordPress protect your website?
Firstly, by the time a malicious hacking attempt reaches your WordPress engine, that’s it, you don’t have any protection layers left. Secondly, a lot of people believe hacking attempts happen just once and then they go away. In reality, the vast majority of hacking is automated and it keeps coming back unless you shut it out forever.
Velodata’s Cyber Security software solves this ‘automation’ problem on a permanent basis by adding new IP address rules in real time to your webserver’s IPTABLES system, or, if you’re using Cloudflare we can also use Cloudflare’s API to ban unauthorised IP addresses in real time at the Cloudflare level.
Distributed Denial of Service attacks rely on co-ordinated requests which are designed to chew up your web server’s horsepower. If you get enough of these malicious requests at the same time your website can be brought to it’s knees. Velodata reacts instantly to DDOS attacks by locking out malicious IP addresses in real time at the Firewall layer.
But on top of that, the Blackhole Cyber Security software has a “self learning” system which can identify phishing attempts by malicious actors, and it can ban them in real time too.
If you’d like to use our Cyber Security software, please do so. It’s fast and it works great! You won’t get a better cyber security protection system. All we ask is please consider making a small donation to assist our future software development.
How Can We Help?
Got some questions? By all means, contact us. Your privacy is paramount. We never share customer data with ANYONE.
Feel free to answer any or all of the fields in this contact form as best as you can. You don’t have to fill them all in, but if you do, we can be efficient right from the word go.
Step 1: Enter some contact details so we can get back to you
Step 2: Give us some info about your IT systems to help us help you.
Step 3: Confirm you’re a human and then submit!
ANALYTICAL
Assessing your website’s vulnerabilities – the key to protecting your website from malicious actors.
You can’t fix a problem if you don’t know where it is, and that’s especially true when it comes to website cyber security. There are so many ways a network can be compromised both internally and externally, resulting in financial losses and a damaged reputation. But without a thorough analysis of your website (including supplemental systems like PHPMyAdmin), you won’t know where the vulnerabilities exist.
Velodata excels in this type of evaluation, starting with a thorough testing and assessment of your Website’s resiliency. We’ve written a comprehensive series of “penetration tests” which look for vulnerabilities in your website. We test for unauthorised access to send POST requests, unathorised access to your login screens, unathorised access to your PHPMyAdmin system, unathorised access to WordPress accessories like wp-cron, wp-json, and wp-admin. We test for access to media resources which only YOU should have access to. We test for access to media resources which bad search engines should not have access to. We test for vulnerabilities regarding known hacking attempts.
After we perform penetration testing and white hat (ethical) hacking, the next service we offer is analysing your official log files. Unfortunately, not all log files are created equal. So this takes a bit of tweaking but what we’re looking for are all your 404 and 403 HTTP requests. At least 90% of the time, a 404 HTTP request is evidence of a malicious probe (or hacking) attempt. Our goal is to find out WHICH requests are generating 404 responses and why. Most of the time our Velodata software will do everyting you need, out of the box. But every website is different and there’s a chance your website is getting specific hacking attempts which are unique only to you.
KNOWING WHAT TO LOOK FOR
Preventing brute force attacks. Nobody should have access to your login screens unless they’re authorised personnel.
Brute force attacks are a known form of Denial of Service. At Velodata we’ve put a lot of work into dealing with brute force attacks. Our cyber security software acts as a classic two-factor authentication system when people are trying to access your WordPress administration screens. But it only does this if the IP address of the remote client is part of a trusted IP subnet which you can define – OR – if the remote client provides a valid Bypass Code in their URL login request.
If a remote client is trying to access your WordPress administration the following logic steps occur. Firstly, if the remote client is NOT in your whitelist of trusted IP subnets and secondoly, if it FAILS to provide a valid Bypass Code in their URL, it will get banned at the firewall level. Nobody but your authorised employees should be trying to login in to your WordPress administration screens. And nobody but your authorised employees should have access to the Velodata Bypass Code – a code that only YOU can define.
For example – let’s say you specify TAYLOR47 as your Velodata Bypass Code. If you’re wanting to use a remote IP address which is NOT part of your trusted whitelist, here’s how you would format a login URL. This would allow you to pass Velodata’s outer protection test, and it would then allow you move on to your traditional WordPress administration screens.
https://yourwebsite.com/wp-admin?bypass_code=TAYLOR47
Alternatively, here’s an example of how would format a URL to get access to the classic WordPress login screen that we’re all familiar with. They both work much the same way but the first version is the better version of the URL to use under most circumstances. Bookmark the links and you’re good to go.
https://yourwebsite.com/wp-login.php?bypass_code=TAYLOR47
So how does this stop brute force attacks? Well, a malicious hacking attempt trying to get access to your WordPress engine has just one chance. Obviously they’re not going to be in your your trusted IP subnet whitelist, hence, if they fail to quote a valid Bypass Code, BAM. They’re gone. You’ll be astonished how many automated emails you’ll receive from Velodata’s Cyber Security software every time a hacker gets banned at the firewall level in real time.
RESPONSIVE
Hotlinking – the bane of our existence
A client came to us recently asking us to help them find out why their website was costing $25 a day in data charges. The answer, as always, was hotlinking.
It turns out the client had a series of videos which were being hotlinked on various messageboard forums around the world. People around the globe were watching our client’s videos for free but our client was getting slugged for gigabytes of outbound data costs per day.
Nobody should have unlimited access to your website’s media resources unless they’re viewing those resources through your website – or – unless those resources are being indexed by search engines that YOU approve of.
