Server security is one of our server host’s top priorities. Here is just a small part of the measures taken to keep our servers and your websites secure.
- By default, we have set all servers to use the latest PHP 7 version with the latest security fixes.
- We are running Apache in a chrooted environment with suExec.
- We have sophisticated IDS/IPS systems which block malicious bots and attackers (Intrusion detection/prevention systems).
- ModSecurity is installed on all of our shared servers and we update our security rules weekly, thus protecting our customers from the most common attacks.
- We strive to keep the versions of all the software that is providing database services (FTP, SMTP, IMAP/POP3, HTTP, HTTPS) up to date with the latest security patches.
- We are constantly monitoring for vulnerabilities in the most popular applications and modules and whenever possible we develop virtual patches in the form of WAF rules (Web application firewall).
- We ensure that users’ data is accessed only by trusted personal on request by following strict policies and we keep detailed records for such access.
Unfortunately, the above is not always enough. Most web applications require constant attention and updates to remain safe from the latest security vulnerabilities.