1 (888) 997-2457 Chat Status Login
We can help you. Right now.
Fast growing merchants depend on JetRails for high-stakes hosting. Experience counts. Let's get started.
Your message has been received, a representative will be contacting you shortly. if you have an emergency, please call us at 1 (888) 997-2457 or email us at [email protected]









Call us at:1 (888) 997-2457
Security
a case study for Restaurantsupply.com

Disruptions can happen, but proactive monitoring means malicious attacks will be detected and deterred imminently ensuring business continuity. With a  proprietary JetRails platform including Geoblocking technology, ecommerce environments remain safe and stable in the event of malicious targeting.

As a leader in the commercial kitchen equipment and supply industry, restaurantsupply.com brings years of valuable experience to making food service professionals successful. Offering educational pages and a consultative approach to selling, they specialize in offering customers options towards making informed purchasing decisions. The company offers all major brands of equipment, kitchen tools and supplies from the biggest and most trusted names in the foodservice industry at the most competitive prices.

Challenge

Restaurantsupply.com realized that their website was not performing optimally. Hosted on a Magento 2 Enterprise clustered environment which was properly sized, the site’s speed was not in alignment with industry standards.  Latency in their customer navigation experience was contributing to lowered conversion rates. With a website hosting more than 150,000 SKUs within a fiercely competitive marketplace, they knew that they needed to take action.

The JetRails engineers initiated an investigation looking for causes to the sites slower speed.  They uncovered a significant influx of malicious bots jumping from page to page. Bot behavior is specific and follows a systematic navigation pattern, unlike normal site visitors who follow a more scattered “surfing” navigation pattern.

These bots had a primary objective – they were collecting cost intelligence as a means to gain an advantage and undercut pricing. This is a common malicious tactic which generates a large volume of traffic against a target. This influx of bot traffic was causing load on the site and thereby hindering speed. We analyzed the access logs and uncovered that the bots were gaining direct entry into the server through port 80 and 443, generally a gateway for web communications.

JetRails Action Plan

JetRail’s engineering team took ownership of the digital asset securing all pathways and blocking off the ports that were allowing malicious traffic to enter the platform.  A Least Privilege Policy was implemented as part of a best practices protocol. This is an important step in ensuring the protection of data and functionality from malicious behavior. The principle requires a user to maintain only those privileges which are essential for them to adequately perform their specific function.

A Content Delivery Network (CDN) was deployed to act as a protective Web Application Firewall (WAF) with all traffic being proactively filtered through it. The WAF is also capable of mitigating threats to sites that do not have properly installed Magento Security Patches.

However, there are some vulnerabilities that even a WAF cannot deter, and Magento Security Patches should be installed properly at all times to minimize your site’s vulnerabilities. A best practices protocol was established to notify their development team of Magento Security Patch releases.

Through the access logs, we identified the bots as having associated IP addresses from China and certain  European countries. The company’s clientele is exclusively US-based, which exposed the geographic location of the malicious bot traffic. We created a GEOBlocking protocol to obstruct all traffic from outside of the United States. Furthermore, we implemented an advanced proactive monitoring system, managing the website up to the first line of code.

Results

The restaurantsupply.com website was no longer being affected by malicious web traffic. By eliminating erroneous activity,  environmental resources were readily available  to keep the site running optimally and quickly. Customers experienced better site navigation which translated into increased conversions rates and Google site rankings.

Protocols were put into place to help prevent future malware attacks. The JetRails proprietary stack in combination with our managed services and software certified technology partners helped mitigate further Denial of Service (DdOS) attacks and forced intrusion giving the restaurantsupply.com team peace of mind that their site is safe and secure.

Related Case Studies
Schedule Consultation
I want to:
The following:
By this date:
We know you are busy and that your time is valuable. When would it be convenient for us to connect with you?