If you operate any type of feature rich website you know how hard it could be to get the right balance of security and end user functionality. AbyssGuard can be setup to the level of security you need for your website and is not intrusive. Abyssguard works silently in the background of your websites without your users even knowing it is there. Seamlessly scanning, protecting and logging all traffic hitting your website. I have been using AbyssGuard for over six months and I can only say great things about it. Prior to using Abyssguard I had been using ZBlock which worked ok, but have since moved on to AbyssGuard which provides more features. You can try AbyssGuard out for yourself, best of all it is still free for now. At some point in the future it most likely will become a paid service.
If you have ever manually set up a WordPress site, you can easily setup AbyssGuard. You just create an SQL database in you control panel, create a user and password for that database with all privileges, input that and configure the information in the Abyssguard config file, set all folder permissions, then run the script by going to its web address. Detailed setup information here.
AbyssGuard is a web site protection system that offers capable threat prevention against hackers, spammers, script kiddies, bad bots and bandwidth killing scrapers. It analyzes the behavior of your visitors and access attempts looking for malicious activity. After initial traffic analysis, your website is only served to the legitimate traffic. Verified visitors will be cached for a short period of time so as to not keep triggering further traffic analysis. If AbyssGuard detects malicious behavior, the offender will be banned for your specified amount of time and your web resources will not be served, thus saving bandwidth and server resources. The offenders will not be checked multiple times as the Client has its own Cache and Banlist. Abyssguard utilizes the Project Honeypot spam signatures in addition to Abyssguard’s user generated signatures for blocking. All offending IP addresses are being cached at the AbyssGuard Server and if enough different people report them for malicious activity they will be blacklisted for a short period of time. I have not noticed any noticeable speed degradation while using AbyssGuard.
AbyssGuard does not protect your web server, just your web sites. AbyssGuard is ideal for webmasters that own several web sites on the same server as it can be enabled on all of them with single centralized instance and common log. Once the main client side script is installed, it is as simple as placing a single line of PHP code at the top of a page in your websites.
AbyssGuard consists of Server and Client side. The Client side will observe the visits to the websites you wish to protect and will send information to the Server for analysis. The information sent to the Server is as follows:
- Your Settings values in order to know what to analyze
- Visitors’ IP, URI, User-Agent, and request headers
A summary of AbyssGuard functions include the following:
Anti Hack – AbyssGuard is able to detect hack attempts such as MySQL database injections and cross site scripting, directory traversal attacks, and possibly zero day vulnerabilities against your code and more. This is done by analyzing the behavior of the visitors to your website.
Comment Spam – AbyssGuard can analyze the comments submitted by your visitors in search of spam patterns in addition to the detection of several commonly used spam techniques.
Referer Spam – In addition to the Comment Checking, AbyssGuard has built in functionality to detect and block Referer Spamming which can jam up your logs and interfere with analytics.
Cache – Client Side Cache using APC or Memcached for maximum performance and fully invisible for your visitors service!
Open Proxy Detection – AbyssGuard can detect and block Open Proxies that are most often used by hackers and bots in order to cover their tracks and remain anonymous.
Fake Search Engine Detection – AbyssGuard can verify if this really is one of the major Search Engines or just an offender. Supporting Google, MSN/Bing, Yahoo! and Yandex. Fake and malicious search engines will be blocked.
User-Agent Filtering – AbyssGuard has a predefined blacklist of User-Agents used by malicious scripts and offenders.
AbyssGuard Community Network – Shared Community Network between the AbyssGuard users that blocks the usual offenders the moment they reach your site.
- Project Honey Pot httpBL – In addition to the community database, AbyssGuard has integrated support for the Project Honey Pot Service.
- TOR Project Detection – AbyssGuard can detect TOR Project exit nodes and block them. If operating a website which accepts payment transactions, you may want to block TOR.
Now let’s take a look at the user interface.
Below is the Dashboard of AbyssGuard. Here you will find the quick statistics of traffic to your website and the threat count block.
Below is the security logs generated by nefarious traffic. By clicking on the offenders IP, you would be able to see detailed information about the IP. You would also be able to look at its threat information reports generated by other users and the Project Honeypot information if provided.
Here is the settings page where you can configure how you would like AbyssGuard to protect your websites. (Click the image for full detail).
The statistics selection provides you with better insight into where your threats are coming from and what the trending threats AbyssGuard has blocked.
AbyssGuard is a fully functional protection system and very easy to use once setup. It has an excellent UI and is updated when bugs have been identified. Support is responsive and offers help if needed by email. Which ever forms of website protection you use, you might want to look into AbyssGuard to simplify your options with a robust system.
AbyssGuard can be somewhat confusing to setup, particularly with its config file. The AbyssGuard setup .zip does come with its own example config file you can just modify with your database name, database user name, and database password.
Updates to Abyssguard have to be manually patched by the user once they have been released.
There is currently no password reset for the admin area so don’t lose your password or you have to reinstall AbyssGuard.