ionCube24

What is ionCube24 and how does it work?

ionCube24 is a three-part suite for monitoring service availability and performance, ensuring security and protection against malware, and capture of PHP and JavaScript errors.

Monitoring is performed every minute by testing the time it takes to connect and receive a response. Alerts are raised for error conditions, and both real-time and historical charts are available to view performance trends. Common services such as Website, DNS, SMTP can be monitored, with a choice of regions of the world to connect from.

PHP errors in website and CLI code are captured with a PHP extension, so no code changes are required, and JavaScript errors are captured by adding a script tag to web pages. Errors can be easily viewed, filtered and prioritised via the ionCube24 web interface.

ionCube24 keeps websites secure by blocking files added or modified on the server after security is enabled, and sends notifications when new or modified PHP files are detected. As some websites may routinely generate new files, file blocking is switched off by default to avoid accidental blocking and behaviour to be monitored. Enabling and disabling of security, blocking behaviour, whitelisting and whether files are blocked or unblocked can all be controlled via the web interface. Security can also be managed via an API.

How do I install and setup ionCube24?

After creating an account and logging in, the next step is to add a Server item and then your first Domain. The server could be named based on where you host your website, e.g. GoDaddy. The domain will be the domain name of your website. The current ionCube24 features of intrusion protection and error reporting use a plugin to PHP called the ionCube Loader. This is widely used and may be installed already, but if not your hosting provider should be able to assist. We can also give assistance. You will be guided through the necessary steps to get setup when you add your first domain.

Will ionCube24 slow down my website?

Our performance tests have not shown any impact, and if your site already uses the ionCube Loader then enabling ionCube24 may actually improve performance. This is because ionCube24 eliminates the need for the Loader to check whether a file has been secured by the ionCube PHP Encoder every time it is accessed.

Can I request features?

Sure, we are always interested to hear about features that could help your business run smoother. Whether it's a request for something that we don't offer right now, a change to an existing feature or comments on how an active dev feature is shaping up, do get in touch.

How can I uninstall ionCube24?

You can disable ionCube24 on the ionCube Loader by setting the entry ic24.enable to 0 in your php.ini file:

ic24.enable = 0

This will disable ionCube24, while leaving the ionCube Loader intact. Should you wish to uninstall the ionCube Loader, you can remove the relevant zend_extension entry pointing to your ionCube Loader files from your php.ini, as well as remove any ionCube Loader files from your system.

My Web Server is not accessible from the Internet. Can I still use ionCube24?

Not currently because our servers must communicate with your Web Server when you make configuration changes. However, if you can give permission to access port 80 for our IP addresses, and if your server can connect back to our servers, it could be used.

My server is shared without root access. Can I benefit from ionCube24?

Yes! Provided that your operating system is supported and you can install the latest ionCube Loader, you should be able to use ionCube24. If you have problems getting setup or your system is not supported, please contact us so we can assist.

Will ionCube24 work with a site that uses a proxy (such as Cloudflare)?

Yes, however currently you may need to whitelist our administrator IP 54.172.250.61. Cloudflare discuss whitelisting IP's in this article.

How much does ionCube24 cost?

Plans are priced monthly as follows based on the number of domains that are covered:

Free - FREE
The Free plan is FREE to use with limited features on one website.
Trial - FREE
The Trial plan is FREE for 14 days. You can try all features across up to two websites, with monitoring from all regions.
2 Site Plan - $15
Our entry level plan covers two websites.
5 Site Plan - $29
Our mid level plan covers up to 5 websites.
10 Site Plan - $59
Our top plan covers up to 10 websites.

Each plan also offers a longer data retention period than the preceding plan. Please contact us if you need a plan for more than 10 domains. Further details are available in the pricing table.

How long does the Free Plan last?

You can continue using the free plan for as long as you like but may require re-activation based on your activity. You can continue to re-activate and use the free plan for as long as it is one of our plan options.

3 day data retention - Data is only held for a rolling 3 day period on the free plan. This allows you to compare historical data over the last 3 days. Our paid plans offer much longer retention periods.

Is a credit card required to use ionCube24?

No, the free trial does not require any credit card or other details. Payment details are only required when subscribing to one of the paid plans.

Can I change my plan at any time?

Yes, you can upgrade or unsubscribe from your current plan at any time. If you upgrade, your account will instantly gain access to the plan's features - if you decide to unsubscribe, you can still use all the features until the end of your billing cycle.

What payment methods are available?

Payment can be made with PayPal and Stripe.

The plans do not fit my requirements. Can you help?

Sure! We offer custom plans specifically tailored for your needs. Just contact us at sales@ioncube.com or open a ticket at our Support HelpDesk and tell us what you need!

How does ionCube24 monitor my website and services?

ionCube24 can test several different types of services related to your website: HTTP, DNS, SMTP, FTP, IMAP, POP3 and PING, from different regions around the world. You can choose which regions to test from and what type of service you want to monitor. The monitors record connection and response times for each service, which can be plotted on charts.

What does it mean when a monitor service is unreliable?

If the monitors for a service fail a test and then recover many times in a very short amount of time the service will be considered unreliable. While a monitor service is unreliable you won't receive any alerts for that service to prevent you from receiving a large number of alerts. Alerts will be sent normally again once the service becomes reliable.

How can I view more than one chart at a time?

By choosing to display results on a new chart, + you can view multiple charts at once, and choosing to display results on a (not new) chart will cause all other charts to be hidden. If you are monitoring multiple servers, each chart will show each server's performance in that service together.

What time ranges can I view?

Charts can show results for many different ranges of time, from 3 hours to 4 weeks. By default, these times are the most recent before the current time "now", but can be set to be before, from or before the end of any date.

How can I focus on an interesting part of the chart?

You can zoom in on a part of the chart to get a more detailed view of the data, and pan across the chart at the same zoom level. The charts by default clip outlying data points to avoid overshadowing the rest of the data, but if you want to look at those spikes you can toggle this option.

What if I want to save a specific chart configuration?

You can do this easily by adding a bookmark to the chart. You will then always be able to go back to that exact chart from the bookmarks menu until you delete that bookmark. Charts using the time "now" have the option of being saved to always use that exact point in time, or to always use the current time.

What does the error reporting feature do?

This feature captures realtime errors as they occur on your website. It can alert you via the notifications system if there are warnings or fatal errors that may need attention, and you can view all captured errors on a per error basis.

What is the difference between Site Errors and Site Error Notifications?

The Site Errors feature is a sortable, filterable and searchable table of PHP and JavaScript Errors of varying error levels such as Notice or Warning. Any errors detected by the ionCube Loader will be reported here.

Entries to the Site Errors page however, won't necessarily generate any notifications because many sites will produce errors such as Notices which aren't fatal nor necessarily within your control to fix. Due to this, only PHP Errors and Warnings will generate Notifications, which you can receive through the UI, Email or Pushover.

However, Site Error entries and Error Notifications do share functionality in that reading a Site Error Warning or Error will also read its corresponding Error Notification and vice versa. Note that whilst Site Errors and PHP Errors are linked via the ability to read notifications, ignoring Notifications or Site Errors are not linked and will produce different effects. More info can be found in the "Can I ignore a notification permanently?" entry below.

Notifications can also be raised via other means such as the Security feature. These are not related to Site Errors in any way.

ionCube24 reports many PHP errors for my site but it still seems to work. Why is this?

PHP has several error levels. These include non-critical Notices that may be due to poor coding, Warnings of operations that failed but that did not stop the request, and Errors that caused a request to fail and usually giving a blank page. PHP can also warn when a program uses Deprecated features that are going to be removed from PHP in the future, and cases where code did not follow Strict usage guidelines.

A well coded website should produce no errors at all, however many websites will produce errors, with Notices being the most common. As they are not fatal errors, they will not prevent the site from working, however in some cases Notices can be an indication of bugs. If these occur in your own code, you should aim to resolve them.

Can I ignore a notification permanently?

Yes. You can silence a non-security notification by clicking the icon before marking it as read with .

Use the Filter dropdown if you wish to show ignored notifications later.

Because only PHP Errors and Warnings generate notifications however, there is a difference between ignoring a notification and a entry on the Site Errors table. Ignoring the notification will prevent the same notification from reappearing whereas ignoring the Site Errors entry will hide it from the table

Can I hide all errors of a certain type?

Yes. Use the Site Error Reporting > Global Settings feature to select types of errors to ignore. Note that this will take effect for all domains across all servers.

You can also ignore errors with a setting in the php.ini file. Suppose you want to ignore all Notice level notifications. Add the following setting to your php.ini file:

ic24.phperr.ignore = E_NOTICE

Error types can also be combined as in the following examples:

;; Ignore notices, strict and deprecated warnings ic24.phperr.ignore = E_NOTICE | E_STRICT | E_DEPRECATED ;; Ignore all except fatal errors and warnings ic24.phperr.ignore = E_ALL & ~E_ERROR & ~E_WARNING

How does ionCube24 protect my site?

The core of ionCube24 is the ionCube Loader, a widely used extension to PHP for processing secured PHP code. Before a PHP file is run the Loader checks whether the file has changed or been created since security was enabled. If it has, and unless the change is expected, the file is very likely to be malware and is blocked from being run. This ensures that no matter how an attacker places malware into your site, it will be stopped.

If my site has an unknown vulnerability, can ionCube24 still protect it?

Yes! ionCube24 does not need a list of known vulnerabilities to be effective. It works by blocking attempts to execute files that have changed and files that are unknown. No matter how a hacker manages to inject PHP code into your site, it can be blocked when they try to run it.

My domain has name aliases not added to ionCube24, is it still protected?

If your domain is reachable under any name other than the ones you have configured, you should enable Domain Wildcard Protection on one of the domains for your server. This will ensure that all domains on the server are protected, including those not configured in the interface. This will also protect if a domain is accessed by a fake name. As this setting will protect all domains on your server, it is best to ensure that all domains have been configured accordingly.

If your plan does not include Domain Wildcard Protection, it is recommended to ensure that your domain is reachable only by the names you have configured in ionCube24. Furthermore, your domain should not be the default domain on your server, (i.e., your webpage should not be reachable through the IP address of the server), as this may allow your site to be reached using an unprotected domain name.

If you have problems setting up your system, please contact us so we can assist.

How can I know if a problem was detected?

The ionCube24 Loader notifies our servers immediately that a file on your site is blocked. From there, an alert email can be sent to you. The ionCube24 control panel also responds to real-time events, and will update automatically if you are logged in. Alerts can be acknowledged, but if they are not, the system can send reminders. The alerting system can be customised to suit your needs as required.

How do I allow my trusted website files?

There are several mechanisms for this.

Trustpoint
The Trustpoint is the point in time before which your site is known to have files that are trusted. By default it is the time when security is first enabled. Files created or detected as changed after this time will be blocked. The Trustpoint can be changed by disabling and re-enabling security, and also via the API.
File Exclusion Key
The file exclusion key is a key unique to each server. If the key appears on the first line of a PHP file, e.g. as a comment, that file will be automatically trusted. The Trustpoint is likely to be more convenient for existing files, but the exclusion key can be useful to permission dynamically created or updated files by code that is itself trusted.
PHP INI entry: Automatically trust certain directories
You can configure ic24.sec.trusted_include_paths in your php.ini to automatically trust entire directories. For example, if you wanted to trust the directory /var/cache then simply set this setting to /var/cache. If you wanted to trust multiple directories, you can use : as a seperator, e.g. /var/cache:/var/other
Finally, you can prefix a directory path with + or - to either include or exclude the directory, which could be used to trust files in a directory except a specific sub directory. This can be doing via the following: /var/cache:-/var/cache/private
Add Trusted Files
Through the web interface, directories of your server can be scanned for files to be trusted, e.g. files ending with .php

When I update my website will my changes be blocked, and how can I avoid this?

Changes are likely to be blocked because they will be unexpected, and your site is protected precisely because ionCube24 does block unexpected changes.

Before updating files, our recommended approach is to temporarily disable security, then update the files on your website and re-enable security once all updates have completed. It is best to update as quickly as possible so there is no window of opportunity for an attacker. The interface has options to disable security for 5, 10 and 15 minutes, as well as indefinitely. If you choose one of the temporary options, security will automatically be re-enabled after that period of time.

Another option is to have certain directories of the site automatically trusted with the ic24.sec.trusted_include_paths setting, who's usage is detailed in the section 'How do I allow trusted Website Files'.

The exclusion key can also be used to indicate that a file should be trusted. Last, you can add sets of files to be trusted via the web interface.

What operations are suppported by the API?

For the time being, only operations related to setting the Trustpoint are supported. An example using cURL of setting the Trustpoint for domain xyz.com 5 minutes into the future would be:

curl -sS -d {' "trustpoint_delta": 5 }' \ -X POST -H 'Authorization: API key="XYsdfhooufhukwerhuosrghoisgho348734sdfbukZ"' \ -H 'Content-Type: application/json' https://ioncube24.com/api/v1/domains/xyz.com/trustpoint

Note: The authorisation key is an example, and you should use an API key specific to your account.

Where can I find the ionCube24 API documentation?

The documentation is available here, as well as on the API Keys section of your profile settings.

How can I obtain an API key?

Visit the API Keys section of your profile settings, then select "Create new key". A user may only have two API keys at any given time.

Is there a reseller API?

Yes. A reseller API is available to allow automated onboarding to ionCube24. For more details please contact sales@ioncube.com

How do I get support?

If you need support, simply contact create a ticket in our support helpdesk at support.ioncube.com and we'll be happy to assist.

How do I contact sales?

For sales assistance, please email sales@ioncube.com or create a ticket in our helpdesk at support.ioncube.com.

Frequently Asked Questions