Blog / Free Anti-Hacking Security on All Hosting

Free Anti-Hacking Security on All Hosting

by SW Team

All our Hosting plans include completely free AntiHacking protection.

You will not find any other hosting provider in the world that offers this for free. It is also included in our free hosting plans.

Read on and you will understand the great value and importance of this gift.

How does the anti-hacking security of our Hosting work?

All traffic entering and leaving our data centers is analyzed in real time by multiple layers of firewalls.

Our AI-based analysis systems and comparative and predictive algorithms are able to decide whether every bit of traffic they analyze could be a threat or not, and handle it in real time without affecting speed.

Everything analyzed is stored in large big data storage systems that are able to learn and change the patterns of their actions according to all the malware or all the new threats that appear or that we detect.

The system automatically decides if what it is analyzing is a possible threat to the security of your hosting, and if so, it blocks it.

Everything happens in real time, hundreds of thousands of variants of malware, viruses, malicious user behavior patterns are detected and blocked.

But what is it really good for?

It serves you well, your hosting is fully protected. We are able to guarantee 100% that there will be no data theft, nor will they be able to manipulate your website.

In addition, if your site has flaws or programming errors that allow, for example: code injection by "query string", SQL injection, dictionary attacks to the login, etc., we will protect it in real time (you will see many more details in the technical information if you continue reading).

So you will be able to update your site so that it does not have any errors or bugs in the programming.

And is it able to protect my Wordpress?

Of course, you can protect your Wordpress or any other CMS that you install on your Hosting.

You have to keep in mind that if you use CMS like Wordpress or Presta to build your website, they will be updated and you will have to update them. And we all know that no one does. That is why it is very important to have an intelligent perimeter security system like the one offered by SW Hosting, so that if you forget to update your Wordpress, it can still be secure.

Note, this doesn't mean that you don't need to update your CMS, you should do it anyway.

Everything happens in real time

Your SW Panel Dashboard is the best tool to know what is going on.

In real time, you will see all the threats and attacks that the system is blocking, in addition, if it is a known attack, it will detail the one that was blocked, so you have all the information.

You also have a world map that geolocates the origin of all the attacks that your hosting server receives, and statistics of everything that happens.

It is very important that you are calm and secure and SW Hosting's Anti Hacking Filter is designed for that.

More Technical Information

For the "Geeks" we leave here much more technical information about everything we block that can be harmful to your hosting.

In addition, all virus, malware, or vulnerability signatures are updated hourly from multiple sources around the world to ensure that any new risks or malware that emerge are detected and we can protect your hosting from them.

Antivirus signatures:

  • Malicious Android application (APK) files.
  • Malicious Apple disk image (DMG) files used with Mac OS X.
  • Adobe Flash applets and Flash content embedded in web pages.
  • Java applets (JAR/class file types).
  • Mach object (Mach-O) files, which are executables, libraries, and object code native to Mac OS X.
  • Microsoft Office files, including documents (DOC, DOCX, RTF), spreadsheets (XLS, XLSX), and PowerPoint presentations (PPT, PPTX).
  • Office Open XML (OOXML) 2007+ documents.
  • Portable Document Format (PDF) files.
  • Portable executable (PE) files can run automatically on a Microsoft Windows system and should only be allowed when authorized. These file types include:
  • Object Code.
  • Sources (FONs).
  • System files (SYS).
  • Driver files (DRV).
  • Windows control panel items (CPL).
  • DLLs (dynamic link libraries).
  • OCXs (libraries for custom OLE controls or ActiveX controls).
  • SCRs (scripts that can be used to run other files).
  • Extensible Firmware Interface (EFI) files, which run between an operating system and firmware to facilitate device updates and boot operations.
  • Program Information Files (PIF).
  • Apple Software Installation Packages (PKG), used with Mac OS X.

Spyware Signatures


Detects programs that display potentially unwanted ads. Some adware programs modify browsers to hyperlink the most searched keywords on Web pages; these links redirect users to advertising sites. Adware can also retrieve updates from a Command and Control (C2) server and install them on a browser or client system.


These payload-based signatures detect command and control (C2) traffic and are automatically generated. Importantly, automated signatures can detect C2 traffic even when the C2 host is unknown or rapidly changing.

Back Doors

Detects a program that allows an attacker to gain unauthorized remote access to a system.


Indicates botnet activity. A botnet is a network of malware-infected computers ("bots") controlled by an attacker. The attacker can centrally command each computer in a botnet to perform a coordinated action at the same time (such as launching a DoS attack).


Detects an add-on or software that changes browser settings. A browser hijacker can take over automatic searches or track users' web activity and send this information to a C2 server.

Data theft

Detects a system that is sending information to a known C2 server.


Detects DNS requests attempting to connect to malicious domains.

Dns-wildfire, Wildfire o WildFire Private

Detects DNS requests attempting to connect to malicious domains.


Detects programs that allow attackers to secretly track user activity by logging keystrokes and capturing screenshots.

Keyloggers use various C2 methods to periodically send logs and reports to a predefined email address or C2 server. Through keylogger monitoring, an attacker could obtain credentials that would allow access to the network.


Detects a program that replicates itself and spreads from one system to another. Network worms can use shared resources or exploit vulnerabilities to gain access to target systems.


Detects when a user attempts to connect to the home page of a phishing kit (likely after receiving an email with a link to the malicious site). A phishing site tricks users into providing credentials that an attacker can steal to gain access to the network.

In addition to blocking access to phishing kit home pages, enable multi-factor authentication and credential phishing prevention to prevent attacks at all stages.


Detects activity indicative of the post-exploitation phase of an attack, where an attacker attempts to assess the value of a compromised system. This could include assessing the sensitivity of data stored on the system and the utility of the system for further compromising the network.

Web shell

Detects systems infected with a web shell.

A web shell is a script that allows remote administration of a web server; attackers can use web shell infected web servers (web servers can be Internet-facing or internal systems) to target other internal systems.


Detect outbound C2 communications. These signatures are automatically generated.

Spyware and Autogen signatures detect outbound C2 communications; however, Autogen signatures are payload-based and can uniquely detect C2 communications with unknown or rapidly changing C2 hosts.


Brute Force

A brute force signature detects multiple occurrences of a condition in a given time frame. While isolated activity may be benign, the brute force signature indicates that the frequency and rate at which the activity occurred is suspicious. For example, a single failed FTP logon does not indicate malicious activity. However, it is likely that many failed FTP logins in a short period of time indicate that an attacker is trying to guess password combinations to access an FTP server.

You can customize the action and trigger conditions for brute force signatures.

Code Execution

Identifies a code execution vulnerability that an attacker could exploit to execute code on a system with the rights of the logged-on user.

Code obfuscation

It detects code that has been transformed to hide certain data while retaining its function. Obfuscated code is difficult or impossible to read, so it is not obvious what commands the code executes or what programs it is designed to interact with. More commonly, bad actors obfuscate code to hide malware. Less commonly, legitimate developers may obfuscate code to protect privacy, intellectual property, or to improve the user experience. For example, certain types of obfuscation (such as minimization) reduce file size, which reduces website load times and bandwidth usage.


Detects a Denial of Service (DoS) attack, in which an attacker attempts to make a target system unavailable by temporarily disrupting the system and the applications and services that depend on it. To conduct a DoS attack, an attacker could flood a target system with traffic or send information that causes it to fail. DoS attacks deprive legitimate users (such as employees, members, and account holders) of the service or resource they expect to access.


Detects an exploit kit landing page. Exploit kit landing pages often contain multiple vulnerabilities that target one or more Common Vulnerabilities and Exposures (CVEs) for multiple browsers and plugins. Because specific CVEs change rapidly, exploit kit signatures are triggered based on the exploit kit landing page, not the CVEs.

When a user visits a website with an exploit kit, it looks for specific CVEs and attempts to silently deliver a malicious payload to the victim's computer.

Information Leakage or Theft

Identifies a software vulnerability that an attacker could exploit to steal confidential or proprietary information. Often, a vulnerability exists because there are not thorough controls in place to protect data, and attackers can exploit vulnerabilities by sending crafted requests.


Identifies a buffer overflow vulnerability that could allow an attacker to exploit the lack of proper request sanitising. A successful attack could result in remote code execution with application, server, or operating system privileges.


It detects when a user tries to connect to the home page of a phishing kit (likely after receiving an email with a link to the malicious site). A phishing site tricks users into providing credentials that an attacker can steal to gain access to the network.

In addition to blocking access to phishing kit home pages, enable multi-factor authentication and credential phishing prevention to prevent phishing attacks at all stages.


Detects protocol anomalies, where protocol behavior deviates from standard and compatible usage. For example, an improperly formatted packet, a poorly written application, or an application running on a non-standard port would be considered protocol anomalies and could be used as evasion tools. It is good practice to block protocol anomalies of any severity.

SQL Injection

Detects a common hacking technique in which an attacker inserts SQL queries into an application's requests to read or modify a database. This type of technique is often used on Web sites that do not comprehensively sanitize user feedback.

Have you ever calculated the cost in dollars of the time you spend fixing your site when it is hacked, or how much your data is worth when it is stolen?

All these questions and more are the ones you should ask yourself to understand the importance of security. We have asked them and we have decided to give you the gift of security. It is so important to us that your website is secure that we do not feel comfortable without offering you anti-hacking security in your hosting.

Ask your current provider for it and if they don't offer it, which they won't, migrate your hosting to SW Hosting, every minute counts and hackers don't sleep.

Everything we have told you is very important for your hosting, and especially for those who use CMS like PrestaShop or Wordpress.

To make it even clearer that your hosting must have anti hacking security, we have prepared a small tutorial in which we explain how you can hack a Wordpress step by step.

Here you have a clear example that security for your hosting should be very important and the main value that you analyze when deciding which should be your provider. Not only the price and the number of email accounts should make you decide. Evaluate the SECURITY of your website.

Don't forget to transfer your Wordpress to SW Hosting by clicking here. Remember that we have Wordpress auto installers in just 1 click the moment you activate your hosting, very easy and fast.

You can check how to migrate your Wordpress to SW Hosting in the following manual: How do I migrate my Wordpress to SW Hosting?

You can transfer your hosting to SW Hosting using the following link; Transfer my hosting to SW Hosting For more information or if you have any questions, please contact us using The Contact Form

Get your Hosting!