Cloud Coden will automatically monitor the most common log files, such as Apache / Nginx access logs, error logs, system-level logs, exim4 logs, Postfix logs, and more. If you wish, you can also specify custom log paths in the module configuration.
Malicious botnets often use dictionaries of common names and phrases to find the correct username and password combination for a specific account. They systematically try a wide range of possible login credentials until they gain access to the targeted account. This type of attack, known as a brute force attack, relies on numerous trial-and-error login attempts.
The most common targets of brute force attacks are email accounts, WordPress / Joomla / Drupal administrators, and FTP and SSH access. Malicious botnets typically use a variety of different IP addresses to carry out their attacks.
Upon completing the installation of the Cloud Coden software, the log analysis module automatically detects the most common log files on your server and begins to analyze them in an efficient and user-friendly manner.
This module immediately blocks brute force attacks, in addition to a variety of other attack types, including SQL injection, directory traversal, spam attempts, WordPress user enumeration attacks, and reflective DDoS via xmlrpc.php, among others.
Cloud Coden’s log analysis requires no configuration and operates silently in the background, monitoring harmful IP addresses. When this module detects a harmful IP address, it is automatically added to our reputation module’s greylist in real time. We continuously update our IP rules and constantly monitor log files, ensuring you always have the latest protection on your server.
Log files and new rule types are constantly added to our log analysis module for automatic detection.
Newly added rules are first applied in test mode. We then carefully analyze the resulting incidents to make sure the false positive rate is low.
Cloud Coden's DoS detection module prevents not only internal attack attempts but also outgoing DoS attempts.
Cloud Coden's log analysis starts automatically without the need for any configuration. Of course, you can configure the monitors and log paths as you like.
This module protects your sites and accounts (WordPress, Joomla, Magento, cPanel, etc.) on your servers (FTP, MySQL, Postfix, OpenSSH, etc.) against a wide range of attacks:
Brute force attacks
SQL injection
Directory traversal
Reflective DDoS attacks
Autoshell upload attempts
Spam
Code injection
WordPress user enumeration attacks
XML-RPC attacks
Log file changes are monitored through system calls made by our Auditd feature, so there’s no need to keep log files open all the time. We also use the highly efficient Aho-Corasick algorithm for pattern matching.
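As an added illustration (not Cloud Coden's own code), here is a minimal Aho-Corasick automaton that checks each log line against several signatures in a single pass and groups the matches by client IP. The signature strings, labels, and sample log lines are constructed assumptions.

```python
from collections import deque

# Constructed for this example (assumptions): signature set and sample log lines.
SIGNATURES = {"../": "directory traversal", "/xmlrpc.php": "XML-RPC",
              "?author=": "WordPress user enumeration"}
SAMPLE = ['203.0.113.7 "GET /?author=1 HTTP/1.1" 200',
          '203.0.113.7 "POST /xmlrpc.php HTTP/1.1" 200',
          '192.0.2.10 "GET /index.html HTTP/1.1" 200']

def build(patterns):
    """Build the automaton: a trie plus failure links and merged outputs."""
    nodes = [{"next": {}, "fail": 0, "out": set()}]
    for pat in patterns:
        s = 0
        for ch in pat:
            if ch not in nodes[s]["next"]:
                nodes.append({"next": {}, "fail": 0, "out": set()})
                nodes[s]["next"][ch] = len(nodes) - 1
            s = nodes[s]["next"][ch]
        nodes[s]["out"].add(pat)
    queue = deque(nodes[0]["next"].values())  # depth-1 states fail to the root
    while queue:
        s = queue.popleft()
        for ch, nxt in nodes[s]["next"].items():
            f = nodes[s]["fail"]
            while f and ch not in nodes[f]["next"]:
                f = nodes[f]["fail"]
            nodes[nxt]["fail"] = nodes[f]["next"].get(ch, 0)
            nodes[nxt]["out"] |= nodes[nodes[nxt]["fail"]]["out"]  # suffix matches
            queue.append(nxt)
    return nodes

def scan(line, nodes):
    """Return every pattern present in line; each character is read once."""
    s, found = 0, set()
    for ch in line.lower():
        while s and ch not in nodes[s]["next"]:
            s = nodes[s]["fail"]  # fall back to the longest matching suffix
        s = nodes[s]["next"].get(ch, 0)
        found |= nodes[s]["out"]
    return found

def tally(lines, nodes):
    """Map client IP (first field of each line) to the labels it matched."""
    hits = {}
    for line in lines:
        for pat in scan(line, nodes):
            hits.setdefault(line.split()[0], set()).add(SIGNATURES[pat])
    return hits
```

Calling `tally(SAMPLE, build(SIGNATURES))` groups both matches under `203.0.113.7` and leaves the clean request out; scan time grows with line length, not with the number of signatures.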
Unlike other solutions, we don’t always blacklist every IP address. Instead, after blocking the IP address, we add it to the Cloud Coden greylist.
If attacks continue, the IP address will be blacklisted. On the other hand, if the login attempt is genuine, the IP address can be removed from the greylist. IP addresses can be removed from our greylist in three different ways:
The visitor successfully completes the Cloud Coden Browser Integrity Check or CAPTCHA test.
You manually remove the IP address from the greylist through your Cloud Coden dashboard.
It is automatically deleted if we have not seen any incidents from the IP address for a while.