When a client pays me to maintain their website, they get much more than routine software patches and updates (which themselves are quite a valuable service). They also get real time threat defense at the automated software level, as well as at the human level.
Believe it or not, your site and the server it’s on are constantly blocking attacks from all over the world. These attacks are often routine, and automated security blocks at the server level and website level usually block those attacks with little fanfare.
Sometimes, a particular IP will attempt a Brute Force Attack where suddenly the rate of attack from a particular IP address will increase from once every days to hundreds of attacks per minute. When this happens, I’ll get an email like the one you see below:
As part of the service I provide under all my maintenance plans, I immediately respond to any notification like this right away, and take steps to protect your site from further attacks.
The first thing I’ll do is immediately block the IP address. Up until now, the software was blocking individual requests (the known attack patterns) from the IP, but it did not block the IP address itself outright. So upon receiving such a notification, I’ll log in and manually block the IP, which will prevent the IP address from ever reaching the server at all.
It’s one small step but it means the world to small business owners who can’t afford to keep a full time IT expert on staff, but do need someone to look out for their website in detail and with great care.