Firewall and Security Protection

General | Updated March 2026

Every server in our hosting fleet is protected by multiple layers of security including a network firewall, web application firewall, malware scanner, and account isolation. This page describes each layer and how it protects your website.

In This Guide
  1. CSF Network Firewall
  2. ModSecurity Web Application Firewall
  3. Imunify360 Malware Protection
  4. CloudLinux Account Isolation
  5. What to Do If You Get Blocked
Multi-Layer Security

4 Layers of Protection on Every Server

  • CSF Firewall - blocks brute force attacks and suspicious connections
  • ModSecurity - blocks SQL injection, XSS, and web application attacks
  • Imunify360 - real-time malware scanning and automatic cleanup
  • CloudLinux - isolates every account from every other account

01. CSF Network Firewall

All servers run CSF (ConfigServer Security & Firewall), an advanced stateful packet inspection firewall with Login Failure Daemon (LFD). It monitors connections in real time and automatically blocks IP addresses that show suspicious activity, including brute force login attempts, port scanning, and excessive connections.

CSF is also what blocks your IP if you enter wrong passwords too many times. See our firewall unblock guide if this happens to you.

02. ModSecurity Web Application Firewall

ModSecurity runs on every server with the OWASP Core Rule Set (CRS), protecting your website against common web attacks including SQL injection, cross-site scripting (XSS), remote file inclusion, and remote code execution. It inspects every HTTP request before it reaches your website.

Occasionally ModSecurity may block legitimate requests that match an attack pattern (false positive). If this happens, open a support ticket and we can add a targeted exception for your account. See our ModSecurity error guide for common false positives.

03. Imunify360 Malware Protection

Imunify360 provides real-time malware scanning, proactive defense against zero-day attacks, and automatic cleanup of infected files. It scans your files daily and quarantines anything suspicious. If malware is detected, you'll see a notification in cPanel.

For WordPress sites, we also recommend our WordPress Security Guide and our guide on fixing a hacked WordPress site.

04. CloudLinux Account Isolation

CloudLinux isolates every hosting account in its own lightweight container with dedicated CPU, memory, and I/O limits. Even if another account on the same server were compromised, the attacker could not access your files, databases, or email. This also prevents noisy-neighbor problems where one busy site affects others on the same server.

05. What to Do If You Get Blocked

If the firewall blocks your IP (usually from too many incorrect password attempts), you can unblock yourself instantly:

  1. Visit my.ultrawebhosting.com from the blocked connection
  2. The unblock tool will appear showing your blocked IP
  3. Click to unblock

For full details on why blocks happen and how to prevent them, see our Firewall Block guide.

Security Concern?

If you suspect your site has been compromised, or if you have specific security requirements, our team can help.

Open a Support Ticket

Last updated March 2026 · Browse all General articles · See also: Infrastructure | Unblock Your IP

  • 456 Users Found This Useful

Was this answer helpful?

Related Articles

Error 404 - File Not Found

Errors & Troubleshooting | Updated March 2026 A 404 error means the server can't find the...

What are these vt directories?

General | Updated 2026 If you see directories named .cagefs, virtfs, or paths containing...

osCommerce password reset

General | Updated 2026 If you have lost your osCommerce admin password and cannot log into...

How to Password Protect a Directory

General | Updated March 2026 You can password-protect any directory on your website so that...

Troubleshooting Cloudflare Errors

General | Updated March 2026 When your site uses Cloudflare as a CDN or proxy, error pages...



Save 30% on web hosting - Use coupon code Hosting30