ANS Documentation

Attack Ruleset

Threat Monitoring from UKFast can be configured to detect and protect against a range of attacks that could endanger your mission-critical systems, including web servers, databases, authentication services and management services such as FTP, SSH and RDP.

Through log interrogation, we can detect and block many attacks across the attack vectors below:

  • Common Web Attacks
    • SQL Injection
    • XSS (Cross Site Scripting)
    • Shellshock Attack (CVE-2014-6271)
    • Directory Traversal
    • Command Injection
    • Remote file inclusion (RFI)
    • POST Bots
    • Malicious User Agents
    • PHP CGI-bin Vulnerabilities
    • PHP Info Scans
  • Web Application Specific Attacks
    • osCommerce login bypass
    • osCommerce file manager bypass
    • Uploadify Exploit
    • BBS delete.php Exploit
    • Simple shell.php Command Usage
    • PHPMyAdmin Setup Scans
    • Suspicious URLs
    • High amount of POST Requests
    • Anomaly URL query (attempting to pass null termination).
    • Timthumb Exploit
    • Timthumb Backdoor Access
  • WordPress
    • Monitor WordPress Activity
    • Login Brute Force
    • Comment Spam from fake Search Engine Bots
