With AISO.net, yes they are protected from SQL injection, cross-site scripting, website defacement and many other types of attack techniques including the OWASP Top 10. However your not protected if the hack does not use one of these methods or they know your login information.
Even with network firewalls, DDoS systems and Intrusion Prevention Systems (IPS) that we have on our network, malicious users can breach a website using a number of attacks, including SQL injection, cross-site scripting, and session hijacking. These dangerous attacks appear as harmless traffic to a network firewall or IDS and will therefore be allowed to pass through.
To protect our shared web hosting clients we have installed a web application firewall (WAF) on our shared hosting servers.It enables our clients to address challenging PCI DSS requirements in a straightforward and cost-effective manner. It fulfills the application layer firewall requirement in PCI DSS 6.6. In addition to meeting PCI DSS compliance regulations, it offers comprehensive protection against SQL Injection, Cross-Site Scripting, and scores of other application-level attacks.
The WAF creates a security layer in front of the application. It detects and protects against application-level attacks in incoming web traffic that could be used to compromise your web site and steal credit card and other corporate data. It is installed on the server so no configuration is needed on your web site. It provides an immediate and highly accurate application-level security, according to PCI DSS 6.6 standards. We also have a unique JITP system that addresses vulnerabilities in applications that can not be patched by patching it for you! Our JITP system will plug the holes in your applications so you can take the time needed to test updates, and yet still operate your web software in a secure and safe manner.Â JITPs are released daily when new vulnerabilities are discovered so you don't have to worry.
We also have per user isolation on our shared hosting servers. Through user virtualization, each web hosting account's file system is effectively isolated into its own virtual environment preventing one user from seeing any other users or their files on the server. This creates a new level of security, making it much more difficult for hackers to attack, deface, or steal data from our shared hosting servers.