Serversaurus has developed a system to better protect the dashboard of your Content Management System from security threats.
Our security threat identification process observes a constant stream of brute force (password-guessing) hacking attempts against dashboards for most content management systems.
This constant stream of hacking attempts poses a risk that your dashboard may be breached and could have a variety of adverse consequences, including: website defacement, the insertion of malware or other malicious software, breach of customer data, or a phishing attack, where cyber criminals use your website to trick users into giving them personal information including credit card or bank details.
An ideal approach to securing your CMS dashboard from brute force attempts is restricting login access by Internet Address, also known as IP (Internet Protocol) Address. This means only a specific list of Internet Addresses is allowed to log in to your CMS Dashboard, and all other attempts are denied.
The Self-Service IP Allow application enables clients to protect their CMS dashboard by IP address, without the need for support requests. This increases the security of the dashboard, and elminates the server resource consumption involved in responding to the constant password guessing attempts by hackers. If client staff are working from home with regularly changing IP addresses, this provides a simple way for them to self-manage one facet of the access security to their dashboard.
The application works by having the CMS user visit a defined URL (for example https://site.name/let_me_in), which automatically adds their IP address to a list of allowed IP addresses, with no further intervention required. They will still have to enter their username and password when logging into the dashboard. The Self-Service IP Allow application can also be optionally protected by basic authentication.
We've created a short explainer video to show how easily this works in practice:
The installation of the feature can be performed within business hours, without any website downtime.
If you want to proceed with the installation, contact us and we will confirm the next steps.
Last updated November 30, 2023