Liquid Web customers are sophisticated consumers of hosting products and services. Whether the online businesses run on our VPS hosting hardware or dedicated servers, all website owners require a robust set of security features and tools available to them when it comes to server vulnerability assessments. We take your cloud security seriously at Liquid Web. Keeping your hosting environment impervious to unauthorize intruders and outside threats is crucial in our view. Your website requires it, and our livelihood depends on it. Accordingly, our security experts have built out several options around securing your online infrastructure that will be detailed in this article, including:

Vulnerability scans
Intrusion detection scans
Antivirus scans
PCI scans
Multi-scan packages

So, let’s take a comprehensive look at vulnerability scans in this context. But as we proceed, please keep in mind that our superb support crew of web hosting technicians is always available in case you need to discuss the plethora of security-related solutions we offer our clients, including:

Acronis Cyber Backup packages
Server protection services
DDoS protection for servers
Firewalls and VPNs
SSL certificates for servers and websites
Compliance scans
Cybersecurity monitoring services
Web application protection
Active Directory hosting

Vulnerability scans play an essential role in maintaining an online presence in today’s digital landscape, where cyberattacks are increasingly sophisticated and widespread. These scans are vital for identifying security vulnerabilities in your web servers before malicious individuals exploit them. By conducting vulnerability scans, you can proactively safeguard your systems against unauthorized access, data breaches, and other security threats. In the cybersecurity landscape vulnerability scans are a component of a comprehensive strategy to avoid the negative consequences associated with a security event at your business or organization.

Liquid Web customers whose security add-on product or multi-scan bundle features includes vulnerability scans get those by default monthly in via a Salesforce Customer Service system case. In addition, customers and can request vulnerability scans at on-demand from a standard support case when contacting us.

Main takeaways found in this help documentation post

Learn about and get a clearer understanding of the vulnerability scan menu of options as a Liquid Web customer. There are a number of nuances that depend on variables such as the operating system and such factors:

Defining the term vulnerability assessment
More about best practices when executing vulnerability scans
Understanding the multiple vulnerability scan options available to Liquid Web customers
How to request a vulnerability scan with Immunify360 PLUS for a Linux servers
About running a vulnerability scan with Server Secure PLUS for a Windows servers
Scanning your Windows servers for viruses using ESET File Security product
Meeting PCI Security Standards using our PCI scans
Staying vigilant via intrusion detection with ThreatDown powered by Malwarebytes

Defining a vulnerability assessment — a term often interchanged with the term vulnerability scan

Let’s assess what it means to conduct a vulnerability assessment — a term that is interchangeable with the term vulnerability scan. According to security experts at Imperva, the term is defined as follows:

A vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates if the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation, if and whenever needed.

Vulnerability scan best practices and options from Liquid Web

Regularly performing vulnerability scans is essential for maintaining the security of your web servers. At Liquid Web, we recommend establishing a scanning routine — whether weekly or monthly — to quickly pinpoint and resolve threats. Utilizing scanning tools can improve the efficiency of detecting and addressing vulnerabilities promptly. It’s crucial to keep these tools current to combat the security risk.

Furthermore, it’s critical to ensure that your scans include all aspects of your web server, like websites, applications, databases, and network configurations. Immediate fixes for any vulnerabilities found can aid in preventing exploits and unwanted access. In addition to automated scans, it’s advisable to perform checks to catch any issues that computerized tools might miss. Following these guidelines improves your security procedures and helps you safeguard your information.

Liquid Web has multiple types of vulnerability scan solutions, from complete spectrum packages like Imunify360 PLUS for Linux servers and Server Secure PLUS for Windows servers to à la cart security services like PCI vulnerability scans, antivirus solutions, monthly vulnerability scanning, and intrusion detection. In this article, we will take a detailed look at all the vulnerability scans available and help you choose the best option for your server.

Imunify360 PLUS (Linux servers) for Liquid Web customers

Imunify360 PLUS is a complete security solution for Linux servers designed to provide multi-layered protection for your web servers. This package includes advanced malware detection and automated patch management. It utilizes a range of proactive security mechanisms, including a web application firewall (WAF), intrusion detection system (IDS) and intrusion prevention systems (IPS), and real-time antivirus protection, ensuring that servers remain secure against the latest threats. Additionally, it offers robust protection against distributed denial-of-service (DDoS) attacks, guaranteeing uninterrupted server performance.

Imunify360 PLUS is available for dedicated, cloud dedicated, and VPS servers (including VMs on VMware dedicated).
This package is available for new and existing services that do not currently have the old Server Secure Plus package.
Imunify360 PLUS is available for $59/month.
Current servers with Linux Server Secure PLUS can easily upgrade to Imunify360 PLUS.
This package is available only on fully managed servers with cPanel, Plesk, and InterWorx.

Running a vulnerability scan with Immunify360 PLUS

Once the Immunify360 PLUS package is installed on your Linux server, you will have two vulnerability scan options:

Immunify360 Full System Scan
3rd Party Vulnerability Scan

The next sections examine the two options in detail.

Immunify360 Full System Scan details

The first type of scan available will be Immunify360 Full System Scan. This full scan process will thoroughly assess your server, including web applications, databases, and network configurations. Once the scan is complete, Imunify360 will provide a detailed report of any detected vulnerabilities. This report will include the severity of each vulnerability and recommended actions for mitigation. Imunify360 scans can be run at any time and the email notifications and other kinds of notifications can be controlled by the customer as discussed in the How to manage Imunify360 security notifications article from developers of Imunify360.

3rd Party Vulnerability Scan details

The second option is our 3rd Party Vulnerability Scan, which also available with this package. This scan will include monthly scanning, detailed reporting, and vulnerability fixes. The monthly scan would be provided to the Liquid Web customer via a Salesforce Customer Service system case If the customer wants it to be run at any time, they can ask for the scan on-demand from via a support case.

Notes regarding both Immunify360 vulnerability scan options

Both these scans are performed once a month, and the timeframe can be changed to weekly or daily, or on demand. As well, they can be requested via our Liquid Web support team, depending on your preference. The results are sent directly to the email address linked with your account for the 3rd Party Vulnerability Scan and the email address added to your server for the Immunify360 Full System Scan. Our support and security team will help you remediate the issue and recommend mitigation actions.

Server Secure PLUS (Windows servers) for Liquid Web customers

Like the Immify360 PLUS package, Server Secure PLUS for Windows servers can help you elevate your server security to a new level. This advanced package includes proactive patch management, ensuring your software is always current with the latest security fixes. You’ll benefit from advanced malware protection and IDS/IPS software that continuously monitor for threats, regular vulnerability assessments to help identify and mitigate potential risks, and enhanced firewall configurations and security hardening to further protect your server from unauthorized access and cyberattacks:

Server Secure PLUS for Windows servers requires Plesk.
It offers a hardened configuration that closes common attack vectors
The add-on includes active antivirus protection, monthly external vulnerability scans, and malware cleanup/remediation.
Server Secure PLUS for Windows servers is available for $45/month.

Running a vulnerability scan with Server Secure PLUS

Server Secure PLUS for Windows servers includes two types of scans as well:

ESET File Security Scan
3rd Party Vulnerability Scan

The following sections review the two types of scans in more detail.

ESET File Security Scan details

This package comes with the ESET antivirus software included. ESET File Security Scan will monitor your services, keep them up to date, and run real-time scans to help protect your server from viruses. You can also interact with ESET directly if you’d like to run an on-demand scan or see recent scan results. You can follow our Using ESET Antivirus for Windows help documentation for detailed instructions on how to run an on-demand scan.

3rd Party Vulnerability Scan details

In addition, the 3rd Party Vulnerability Scan is included, providing you with monthly vulnerability scans — the results of which are sent directly to your email address. With both vulnerability scanning options, you can change the frequency to align with your preferences.

À la cart security services for Liquid Web customers

Sometimes, you might not need a full security suite, but just a single security service to address a specific concern. For instance, if you’re particularly worried about malware infections, you might opt for a dedicated antivirus service without the need for additional features like intrusion detection or firewall management. This flexibility lets you to customize your security efforts to align with your unique needs and budget, ensuring you only pay for the services you truly need.

At Liquid Web, you can choose and pay for specific services individually rather than as part of a bundled package. The à la cart security services include various options tailored to provide targeted protection for your servers and data. You can select from services like antivirus, regular and on-demand vulnerability scans for PCI compliance, intrusion detection scans, or multi-scan packages.

Scan your systems via a trusted antivirus solution for Windows servers using ESET File Security

ESET File Security Scan is an antivirus solution for our Windows servers. It will help you run server-wide on-demand scans and provide detailed results and recommendations on how to remediate and take action against immediate threats. Remember to refer to our Using ESET Antivirus for Windows guide regarding ESET File Security Scans on your system.

Meet PCI Security Standards using PCI scanning

PCI scanning is crucial to ensuring your business meets PCI Security Standards. This service includes automated quarterly scans of up to 10 IPs within your environment to identify vulnerabilities that could jeopardize cardholder data. If compliance issues are detected, our team will address them promptly and perform re-scans to confirm that any problems have been resolved. These scans, combined with robust security measures and 24/7 support, help you protect sensitive financial information and maintain industry standards. You can also request an on-demand PCI scan by contacting our support team.

Run regular and on-demand vulnerability scans to void potential threats and exploits

Our vulnerability scans help you identify and address possible threats before malicious actors can exploit them. With detailed and easy-to-read reports, vulnerability scans provide an up-to-date log of potential threats, as well as actionable insights, allowing you to mitigate any issues quickly. Liquid Web’s vulnerability scans help you enhance the security and reliability of your infrastructure, keeping your data safe and maintaining customer trust. Vulnerability scans are performed automatically once per month and all the results are sent to your email address.

Staying vigilant via intrusion detection with ThreatDown powered by Malwarebytes

ThreatDown is a host-based IDS that uses integrated intrusion signatures to detect suspicious activities that may damage your website’s infrastructure. It is good to regularly monitor your devices by scanning applications and devices running on your system to prevent intrusions. ThreatDown powered by Malwarebytes complements Liquid Web’s round-the-clock assistance to give your systems more thorough protection.

As a proven cybersecurity monitoring product, ThreatDown monitors and analyzes security parameters across your server environments to identify anomalies and flag intrusions as they occur. This advanced cybersecurity monitoring service can help you meet security standards associated with PCI DSS, SOC 3, and HIPAA/HITECH compliance guidelines. You will be contacted immediately via email if any issues are found.

Are vulnerability scans essential for your server security?

Yes, indeed, they are as we have revealed via this post. The truth is that vulnerability scans are vital in maintaining your server’s security — and your peace of mind — especially in today’s online threat landscape. By regularly scanning your systems, you can identify and address vulnerabilities ahead of time, safeguarding against potential cyberattacks. Join forces with Liquid Web, who has been thwarting cybercriminals for years with an advanced software toolkit such as DDoS protection for servers.

With Liquid Web’s wide range of solutions, from comprehensive packages like Imunify360 PLUS and Server Secure PLUS to customizable à la carte services, you can choose your security measures to your specific needs. Utilizing these tools not only protects your infrastructure but also ensures compliance and builds customer trust.

Was this article helpful?

Thank you for your input.

Thank you for your feedback.