About our Hosting Service <
Back
We take pride in our excellent record with regard to
server stability, accessibility, and security. Our speed and
responsiveness is due not only to powerful, self healing servers,
but also by limiting the number of accounts we place on each server.
Only those clients of WebWorksPro reside on our servers.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SPECIFICATIONS and STABILITY
8 vCPUS / 7.2Ghz | Guaranteed Ram: 8192MB
Unlike traditional hosting, our infrastructure
is cloud-based. Every server is self-healing; if any hardware fails,
that server will fall out of the cloud and your site will come back
online within seconds on new hardware. Automatically. Unlike
standard VPS or shared hosting, Hosting
on the cloud gives you a fixed and guaranteed resource, even if you
get a huge traffic surge. Cloud hosting guarantees better
performance, uptime and stability.
BACKUPS AND REDUNDANCY
Our Cloud server is replicated in real time via
Multipath I/O over a total of 96 drives of full redundancy. Snapshot
backups are integrated with each server setup. Your website is
backed up weekly off-server and weekly, locally.
SECURITY
24/7 Monitoring and Management: Your
cloud server is monitored 24/7 by a full staff of qualified and
experienced technicians who perform hardware and network management,
firewall configuration, OS and pre-installed software support,
security and server hardening.
Private Server: We purposely don't target the 'masses' by offering
low cost hosting. This keeps a controlled amount of accounts on a single
server, and avoids attracting malicious activity. We target
those clients who are looking for a more complete hosting and
maintenance solution to get more bang for their buck. Often, low cost
hosting accounts are opened for the sole purpose of spamming once,
then disappearing. This results in our servers in jeopardy of being
blacklisted. Additionally, hosting only those sites we develop
prevents careless installation of insecure scripts and programs
which are resource hogs. Such programs can cause a server to be slow
in response.
Security, Firewall and Login Intrusion Detection:
A full suite of scripts provide your website with protection against
login intruders including excessive users, excessive connections,
excessive email relaying, suspicious processes, port flooding, load
balance monitoring, account modification monitoring, etc.
Please see the full list of firewall specifications below. Our
technicians also have our servers on firewatch 24/7 and will respond
immediately to any suspicious activity.
Regulated Malware Scanning: MALDET/LINUX:
Linux Malware Detect (LMD) is a malware scanner for Linux released
under the GNU GPLv2 license, that is designed around the threats
faced in hosted environments. It uses threat data from network edge
intrusion detection systems to extract malware that is actively
being used in attacks and generates signatures for detection. In
addition, threat data is also derived from user submissions with the
LMD checkout feature and from malware community resources.
Features:
- MD5 file hash detection for quick threat
identification
- HEX based pattern matching for identifying threat variants
- statistical analysis component for detection of obfuscated threats
(e.g: base64)
- integrated detection of ClamAV to use as scanner engine for
improved performance
- integrated signature update feature with -u|–update
- integrated version update feature with -d|–update-ver
- scan-recent option to scan only files that have been added/changed
in X days
- scan-all option for full path based scanning
- checkout option to upload suspected malware to rfxn.com for review
/ hashing
- full reporting system to view current and previous scan results
- quarantine queue that stores threats in a safe fashion with no
permissions
- quarantine batching option to quarantine the results of a current
or past scans
- quarantine restore option to restore files to original path, owner
and perms
- quarantine suspend account option to Cpanel suspend or shell
revoke users
- cleaner rules to attempt removal of malware injected strings
- cleaner batching option to attempt cleaning of previous scan
reports
- cleaner rules to remove base64 and gzinflate(base64 injected
malware
- daily cron based scanning of all changes in last 24h in user
homedirs
- daily cron script compatible with stock RH style systems, Cpanel &
Ensim
- kernel based inotify real time file scanning of
created/modified/moved files
- kernel inotify monitor that can take path data from STDIN or FILE
- kernel inotify monitor convenience feature to monitor system users
- kernel inotify monitor can be restricted to a configurable user
html root
- kernel inotify monitor with dynamic sysctl limits for optimal
performance
- kernel inotify alerting through daily and/or optional weekly
reports
- e-mail alert reporting after every scan execution (manual & daily)
- path, extension and signature based ignore options
- background scanner option for unattended scan operations
- verbose logging & output of all actions
Regulated Malware Scanning: CLAMAV:
Clam AntiVirus (ClamAV) is a cross-platform antivirus software
tool-kit able to detect many types of malicious software, including
viruses. One of its main uses is on mail servers as a server-side
email virus scanner.
Clam AntiVirus is an open source (GPL) anti-virus
toolkit for UNIX, designed especially for e-mail scanning on mail
gateways. It provides a number of utilities including a flexible and
scalable multi-threaded daemon, a command line scanner and advanced
tool for automatic database updates. The core of the package is an
anti-virus engine available in a form of shared library.
Main Features:
-
command-line scanner
-
fast, multi-threaded daemon with support for
on-access scanning
milter interface for sendmail
-
advanced database updater with support for
scripted updates and digital signatures
-
virus scanner C library
-
on-access scanning (Linux® and FreeBSD®)
-
virus database updated multiple times per day
(see home page for total number of signatures)
-
built-in support for various archive formats,
including Zip, RAR, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex,
SIS and others
-
built-in support for almost all mail file
formats
-
built-in support for ELF executables and
Portable Executable files compressed with UPX, FSG, Petite,
NsPack, wwpack32, MEW, Upack and obfuscated with SUE, Y0da
Cryptor and others
-
built-in support for popular document formats
including MS Office and MacOffice files, HTML, RTF and PDF
ConfigServer Security & Firewall Specifications:
-
Straight-forward SPI iptables firewall script
-
Daemon process that checks for login
authentication failures for:
-
Courier imap, Dovecot, uw-imap, Kerio
-
openSSH
-
cPanel, WHM, Webmail (cPanel servers only)
-
Pure-ftpd, vsftpd,
Proftpd
-
Password protected web pages (htpasswd)
-
Mod_security failures (v1 and v2)
-
Suhosin failures
-
Exim SMTP AUTH
-
Custom login failures with separate log file
and regular expression matching
-
POP3/IMAP login tracking to enforce logins per
hour
-
SSH login notification
-
SU login notification
-
Excessive connection blocking
-
UI Integration for cPanel, DirectAdmin and Webmin
-
Easy upgrade between versions from within cPanel/WHM,
DirectAdmin or Webmin
-
Easy upgrade between versions from shell
-
Pre-configured to work on a cPanel server with
all the standard cPanel ports open
-
Pre-configured to work on a DirectAdmin server
with all the standard DirectAdmin ports open
-
Auto-configures the SSH port if it's
non-standard on installation
-
Block traffic on unused server IP addresses -
helps reduce the risk to your server
-
Alert when end-user scripts sending excessive
emails per hour - for identifying spamming scripts
-
Suspicious process reporting - reports potential
exploits running on the server
-
Excessive user processes reporting
-
Excessive user process usage reporting and
optional termination
-
Suspicious file reporting - reports potential
exploit files in /tmp and similar directories
-
Directory and file watching - reports if a
watched directory or a file changes
-
Block traffic on the DShield
Block List and
the Spamhaus
DROP List
-
BOGON packet protection
-
Pre-configured settings for Low, Medium or High
firewall security (cPanel servers only)
-
Works with multiple ethernet devices
-
Server Security Check - Performs a basic
security and settings check on the server (via
cPanel/DirectAdmin/Webmin UI)
-
Allow Dynamic DNS IP addresses - always allow
your IP address even if it changes whenever you connect to the
internet
-
Alert sent if server load average remains high
for a specified length of time
-
mod_security log reporting (if installed)
-
Email relay tracking - tracks all email sent
through the server and issues alerts for excessive usage (cPanel
servers only)
-
IDS (Intrusion Detection System) - the last line
of detection alerts you to changes to system and application
binaries
-
SYN Flood protection
-
Ping of death protection
-
Port Scan tracking and blocking
-
Permanent and Temporary
(with TTL) IP blocking
-
Exploit checks
-
Account modification tracking - sends alerts if
an account entry is modified, e.g. if the password is changed or
the login shell
-
Shared syslog aware
-
Messenger Service - Allows you to redirect connection
requests from blocked IP addresses to preconfigured text and
html pages to inform the visitor that they have been blocked in
the firewall. This can be particularly useful for those with a
large user base and help process support requests more
efficiently
-
Country Code blocking - Allows you to deny or allow
access by ISO Country Code
-
Port Flooding Detection - Per IP, per Port connection
flooding detection and mitigation to help block DOS attacks
-
DirectAdmin UI integration
-
Updated Webmin UI integration
-
WHM root access notification (cPanel servers
only)
-
lfd Clustering - allows IP
address blocks to be automatically propagated around a group of
servers running lfd. It allows allows cluster-wide allows,
removals and configuration changes
-
Quick start csf - deferred
startup by lfd for servers with large block and/or allow lists
-
Distributed Login Failure
Attack detection
-
Temporary IP allows (with
TTL)
-
IPv6 Support with
ip6tables
-
Integrated UI - no need for a
separate Control Panel or Apache to use the csf configuration
-
Integrated support for cse
within the Integrated UI
-
cPanel Reseller access to per
reseller configurable options Unblock, Deny, Allow and Search IP
address blocks
-
System Statistics - Basic
graphs showing the performance of the server, e.g. Load
Averages, CPU Usage, Memory Usage, etc
-
...lots more!
|