Compatible With

  • Full color 7.3+ | 8.0+| 9.0+
  • Evoq content 7.3.4 | 8.0+| 9.0+
  • Evoq engage 7.3.4 | 8.0+| 9.0+
  • Convert 7.3.4 | 8.0+| 9.0+
  • The cloud evoq OnDemand
  • Evs Logo Azure Compatible

Overview

Live Shield adds a layer of protection around your site to identify, quarantine, and neutralize a hack in real-time, keeping your site safe from a malicious attacker. It can be configured to run in Detection or Prevention Mode.

Overview
Activity
Detection

Detection

In Detection Mode, Live Shield monitors and logs all identified threats. Email notifications are also sent if enabled.

Live Shield DOES NOT BLOCK any threats when it’s operating in Detection Mode. A common use case is for administrators to run in Detection Mode to observe logs for false positives and tweak necessary settings. Turn on Prevention Mode once an administrator has created necessary exceptions for false positives.

Prevention

In Prevention Mode, Live Shield monitors, logs, and blocks all identified threats. Email notifications are immediately sent if enabled.

Live Shield holistically protects your site and DOES NOT FACTOR the source of the change. For example, it will monitor and block any file intrusion or modification regardless of if it was introduced through a core or 3rd party vulnerability or a legitimate source such as FTP. Similarly, it will block ALL new grants of Superuser privileges regardless of whether it was through a SQL Injection attack or legitimately via Persona Bar. Therefore, it’s imperative to DISABLE or SWITCH to Detection Mode before installing any new extensions, upgrading your DNN or Evoq Site, or granting new Superuser privileges.

Prevention

File Intrusion & Monitoring

A critical security scenario is when a hacker can upload a file (such as rootkit) to your site or modify an existing file (to deface).

Live Shield continuously monitors the site for any changes to the existing files or addition of any new files. All changes are logged. File types that are explicitly disallowed are immediately quarantined (Prevention Mode) or flagged (Detection Mode) when a change is detected in existing file, or a new file is added.

File Intrusion & Monitoring
Disallowed File Types

An administrator may add custom file extensions to monitor; however, the following extensions are always monitored and new files with these extensions are never allowed.

ascx,ashx,asp,aspx,cfm,cfml,class,cshtml,dll,exe,java,jsp,php,php,php3,shtm,shtml,stm

Exclusions

An administration may want to add exclusions to reduce the burden of routinely reviewing the logs for any suspicious activity. Specific Folders, Files, and File Extensions can be excluded from monitoring. Wildcard character (*) is supported for dynamic paths.


Quarantine

Live Shield automatically quarantines an identified threat (Prevention Mode) by renaming the file to “.resources” extension. By default, “.resources” extension type is disallowed and blocked by IIS; effectively keeping the file in place but rendering it inaccessible.

Site Offline

DNN & Evoq sites run off a single Default.aspx page. Live Shield cannot just quarantine Default.aspx by renaming and adding “.resources” if it is replaced or modified since that will cause the site to throw error.

Live Shield automatically creates an app_offline.htm to gracefully bring the site down and show a maintenance message if any tampering is detected with Default.aspx. An administrator can customize the message and branding of app_offline.htm

Superuser Privileges

Superuser Privileges

Another critical security scenario is when a hacker elevates the permission of a normal user to Superuser using SQL Injection or other means.

Live Shield continuously monitors the site and its database for any changes to the Superuser privileges. Any new grants of Superuser privileges are immediately quarantined or reverted (Prevention Mode) or flagged (Detection Mode).

Notifications

When enabled, notifications are automatically sent to a specified email in both Detection & Prevention modes. A configurable from name allows the emails to set the importance or urgency of the message.

Notifications

Let's Get Started

 

Standard

$ 299

90 Days Support

  • Single DNN Install 1

    perpetual license
  • Localhost Only
    dev, staging, & testing licenses
  • Free Minor Upgrades
    Discounted Major Upgrades 3

     
Buy Now

Popular

Enterprise

$ 599

1 Year Support

  • Unlimited DNN Installs 2
    perpetual license
    with 1 year subscription
  • Unlimited DNN Installs 2
    dev, staging, & testing license
  • Free Minor Upgrades
    Discounted Major Upgrades and Renewals 3
     
Buy Now

 

Enterprise w/Source

$ 999

1 Year Support

  • Unlimited DNN Installs 2
    perpetual license
    with 1 year subscription
  • Unlimited DNN Installs 2
    dev, staging, & testing license
  • Free Minor Upgrades
    Discounted Major Upgrades and Renewals 3
    Includes C# Source Code
Buy Now

1) DNN Install is defined as collection of DNN Portals/Domains that are running off same DNN custom forms Database and Filesystem.
2) Enterprise is defined as your company site(s) and those of your customers that are directly managed by your organization. Includes 1 year of subscription with “perpetual” use rights—the ability to continue using the software after the subscription has expired, even though the ability to download software and/or request product activation keys ends when the subscription expires.
3) 50% discount on major upgrades and renewals.
Please refer to our End User License Agreement for complete details

Frequently Asked Questions

A perpetual license allows you to use the licensed software indefinitely without paying annual or any additional licensing fees.

We strongly recommend to purchase Enterprise Edition which allows you to activate the product on any number of DNN Installs for dev/staging/testing.

You can use the product for dev/staging/testing under LOCALHOST url only with Standard Edition.

Live Shield is compatible with DNN 7.3.0 & above

Not at all. Trial version is fully functional and it's identical to our production version.

You're welcome to evaluate the product for 14 days after which it must be activated. You will not lose any of your work or settings when activating the trial to production.

See our Documentation Section which is a central repository of for all of our products.