OSE Anti-Hacker Version 5.3.3 - 5.3.4
* New feature -- Added the confidence level parameter for Stop Forum Spam Anti-Spamming function
OSE Anti-Hacker Version 5.3.2 - 5.3.3
* New feature -- Added Stop Forum Spam Anti-Spamming function
The major technical features include:
* Double Firewall system providing Three Layers of protection:
o Layer 1: Signature-based Detection System - detecting most common hacking behaviours.
+ a) Surface Scanning, once hacking behaviour is found, the activity and corresponding IP will be banned immediately.
o Layer 2: Pattern-based Instruction Detection Systems - blocking all inbound malicious codes and hacking activities, including network-, application-, and operating system-level attacks.
+ b) Scans and monitors all URL, Form Fields, Cookies values.
+ c) If hacking is found and the Risk Score exceed the secure level, the IP will be banned immediately.
+ d) If Suspicious Hacking behaviour is found for Form Fields and Cookies hacking, the
First just let me say that the extension appears to be VERY effective at securing the web site.. It's blocked a few SQL injection attempts already.. with that said.
I'm running joomla 2.5.13 and OSE Anti-Hacker 5.3.4
1. When a hack is blocked, I get multiple copies of the notification.. the first comes to just me, the second goes to me and another admin, third goes to me and all of the admins and the fourth goes to all but one of the admins ( 4 total admins ) .. It notifies based on "Receives System Emails" user configuration. I would much rather have the recipients be manually configured personally.. but the multiple notifications is really annoying.
2. The IP Management screen doesn't work.. It acts like there's no entries when I try to add white listed addresses.. yet, they are in the database.. I'm not sure that the white list even works, I've not tried to test that yet.
We hoped to deploy this on several sites but if I get multiple notifications for every blocked hack on dozens of sites I'll be flooded.. also, not all of the admins need to be receiving this notification.. some are just interns that approve new user registrations for example.. so I seriously think having a recipient list in the OSE configuration would be better.
Once the notification issue is resolved I'll be happy =)
Thank you for your report. Please upgrade the component to version 6, the two issues have been resolved in version 6 already. Especially this one:
'I seriously think having a recipient list in the OSE configuration would be better.'
In version 6, please go to Configuration --> There is a section called Admin-Email Mapping, please enter that section and choose which user you wouldl like him / her to receive notifications.
Also, in this new version, the notification will be sent the first time the alert is triggered, and there is another email being sent when the attack is blocked, so the duplicated email notifications issue is resolved in version 6.
Hope this helps. :)
1) Analyzed and cleaned my local copy of the website carefully, updated every single component, and got rid of not needed components.
2) Checked website security with webyfly.com which revealed two unnoticed security holes. I fixed everything afterwards.
3) Installed this component.
I'm not having any problems ever since. I don't know which of the three measures gave the best result (or maybe it's the combination of the three). However I'm quite happy with your component and will keep using it. Thanks.
With the support of the OSE team I clould install OSE Security Suite on my server. Now every new Joomla site on the server is protected with a minimum of effort.
The only thing I would like is that the updates or new versions are more easy to install.
I bought this product, because my web page got hacked. I'll post another review when I have more experience with the product itself.
Now I removed vulnareable components, got my website cleared bij OSE and am happy again!
I've installed OSE Anti-Hacker on my site, and had a few critical issues that were solved in no time (less than an hour) by the support team! They are not only incredibly fast, but also very efficient! Highly recommended.
I used videos for the previous version to install and it was easy. Took less than 30 minutes to setup and test. I've had a few questions and someone ALWAYS gets back - fast. Having a security team at your fingertips is business critical. You could go and pay for a web-based scanner from a big corporate but SEO Security Suite is for the back end of Joomla, so to me it's tougher to crack, your own custom security locks. It's the last piece in the cost puzzle before we deploy our main site, and now I can sleep at night. I anticipate that OSE are one of those small companies now ... but they won't stay that way with quality work and service like they have. Buy this component.
I have first installed it on a website that got hacked 3 times, and took the whole server down with it... But the very website is still running version 2 of this extension, with no further problems. Just reports of failed hacking attacks.
I do recommend this, especially because they have a great quick and effective support. Don't worry if you can't install the program, they REALLY help.
My php settings were blocking the install and I needed help, so I submitted a ticket to their support team, who responded INSTANTLY with the perfect answer to solve my problem. You can't ask for more than that.
In my opinion, quality protection software should not be free, I don't mind paying for peace of mind.
When i was new in Joomla, i did not care about security enough so my website hacked and i lost 6 months my time. After that, by help of OSE team i had not any problem until now.
Thanks again and do not give up.
I decided on this product after seeing the great reviews.
I have to say I've been extremely impressed with the customer service recieved.
I had some issues installing (my mistakes rather than the product), and Helix was quick to respond and help me sort out, going above and beyond what you'd expect.
The product is now running and doing its job. Well worth the money for the product and the superb service.
The ease with which you can extend this product to all of your websites sitting on the same server is brilliant.
The support from Open Source Excellence was incredible, as my needs were great! I was most definitely floundering, with where to add code and find certain files, and they picked me up brushed me down and sorted it all out for me so that I now have the very best security by the very best support giving me peace of mind regarding the security of my sites.
Having first hand experience recently of the devastation caused by hackers with a website - not my own - being held on another server - which I help maintain - I wanted to make sure my server and the sites on it were very secure.
A very professional product from a very professional team and a great big thanks from me!
Their support team is definitely one of the best around here and even if I had issues with non-OSE features, they were opened to help. The little extra step made me feel very comfortable dealing with them. Congratulations!