Fighting off the Attack
The number of sites being corrupted and having data stolen, or being used to infect the PCs of visitors with malware is rocketing. To help protect the sites of its many users, Bitrix has come up with a Protective Protection (PRO + PRO) platform for its ASP.NET Web CMS product.
With proactive protection, it locks down sites by monitoring incoming data (working as a firewall) and detecting common attack vectors such as cross-site scripting attacks and SQL injections.
To test the product, it was let loose at the a recent Russian hacking event, Chaos Construction 9, where it staved off thousands of attempted attacks. Naturally, defense can never stand still and already promised for the next update are more security features. These will include one-time passwords, an integrity checker, abnormal activity detector to sniff out suspicious behavior that might indicate a new type of attack and IP-based authentication.
Protection and filtering are managed via the control panel
Suspicious activity is logged for later inspection, or for evidence. The framework has been certified by Positive Technologies and complies with Web Application Firewall Evaluation Criteria established by the Web Application Security Consortium.
The update also has some additional features for social networking including improved blog and forum support, searchable content and management of video and images. Articles can be posted directly from Word or other sources.
Site Manager ASP.NET is available today, there is a 30-day free trial and it can be purchased at the Bitrix store which currently offers a 30% discount at US$ 690. The price includes a one year subscription to technical support, updates and upgrades. Existing users can upgrade live online and the update happens in real-time, automatically using the SiteUpdate module.