Our Security Work
Lately the amount of vulnerabilities and hacked websites have exploded. They are then used by botnets to send out spam or attack a third party. Aided by smart technology we stop almost everything.
DDoS attacks don’t overload the server anymore
Denial of Service and Distributed Denial of Service is a type of common attacks used to bring down an entire server.
By attacking a server with as much data as possible, the server reaches its maximum capacity limit.
In some cases DDoS attacks can bring down an entire hosting provider’s network. Thousands of customers are affected, even though the initial attack was only targeting a single customer.
Our advanced DDoS protection sits at our internet service providers for our data centers. When someone launches a DDoS attack against our customers we are able to use their full bandwidth (over 1 000 Gbit/s). You never notice a thing.
Security Updates Without Restarts
A server works the same way as your computer does. To install an update they commonly need to be restarted.
While you can live with your computer being off for a few minutes, it is unimaginable for a business critical server.
To avoid restarts we use a special software to inject security updates as soon as they are made public. Often long before they make it into the operating system.
User Isolation for Maximum Security
On a web hosting plan you’re never alone on a server. The server capacity is shared between many users. It is crucial that users can’t access each others’ files or affect their websites.
Isolated accounts mean that for users on our servers, it looks like they are alone. This also lets us offer you access via SSH (secure shell access via the terminal).
Another advantage is that we can give you other developer friendly features that you won’t otherwise find on a web hosting plan, such as caching by Memcached or Redis. We can also make sure that a user don’t use all the server resources because of a traffic spike or programming bug.
Catches Malware Before it Reaches Your Server
All of our servers are equipped with a filter that processes what is being sent to the server. It stops all common attacks and we actively work to update our own registries of known file signatures so that malware can’t be uploaded on our systems.
Should a new vulnerability aimed a a specific application such as WordPress appear we can write a custom filter rule to block attacks.
Automated Security Updates of Your Applications
Everyone can’t know exactly how to keep their system up to date. Perhaps the person who knew has quit.
We have a tool that automatically scans your web hosting account for known security threats and informs you.
From our control panel you can update or let the tool handle the threat automatically with a click.
If you’re running WordPress and don’t want to worry about updates, check out our Managed WordPress service.
Secure Protection of Old PHP Versions
The programming language PHP is used for almost every application on our web hosting accounts. But there are so many different PHP versions. An update could mean that you website breaks, unless it’s been properly maintained.
PHP is not officially supporting old versions any longer. As a consequence there are also no security updates for these. Our control panel lets you easily update PHP.
In addition we also release security patches for older PHP versions. If you are stuck on PHP 5.2 you’ll still be protected by us. Long-term, we always recommend that you upgrade to the latest stable version. Not only do you get security benefits, but the best performance too.
Automatic Daily Backups
Sometimes it happens. Phone in one hand, TV on in the background. You’re cleaning up your hosting account.
Whoops! There goes the production database for the entire e-commerce store…
All web hosting accounts have files and databases backed up daily. You can easily restore from an earlier copy with a click from the control panel.
Backups are stored for up to 3 months. The first month one backup is stored every day. Then one per month.
All backups are stored physically separated from the server where your website is located.
Everyone from our first line support to management get a notice if someone is wrong or about to go wrong with a server or service. This lets us act quickly to manage the situation.
Outside of office hours there are always technicians available who are notified and can take action.