I have Backdrop running on a shared server, and today had some malware files discovered by Sitelock.  I deleted the files. However, the Sitelock phone support person says that I have no firewall, and that is a problem.  I called the web hosting provider, and they said the firewall is normally a module in the CMS.  He referred to it as a "Personal Firewall" to distinguish it from the server firewall, which they do have.  My question is this:  what should I use as a firewall to protect Backdrop?

Comments

I don't know of any "firewall" as a module in a CMS. The best way to secure Backdrop is to keep it updated.

Thanks, herb, for the comment!  I found that Wordpress has several "firewalls" you can install as modules.  Using Drupal and Backdrop, I had never heard of such a thing.  I suppose Wordpress is so ubiquitous that the Sitelock people just assume that is what I am using.  Perhaps tech support people are not always the most widely experienced....

I don't think anyone has ported anything Backdrop. Though I did a quick search of Drupal and did see an integration with fail2ban, which needs to be installed on the server https://www.drupal.org/project/fail2ban. You could port or get someone to port it, if your host will also install fail2ban. Though that only helps *after* its known the IPs that are trying to break into your site.

By the way, once your site has malicious files just deleting those files will unlikely help. Your best best, sadly, is to wipe it all and restore from a backup.

Thanks, Herb!  I'll take a look at fail2ban to see how it might apply....