We utilize only high end servers such as Dual Xeon 3GHz with at least 8GB RAM with redundant internet connection for all our hosting accounts. Aside from our internal monitoring system, our servers are also monitored by WebsitePulse periodically on an interval of five minutes and alert our System Administrators / Engineers via email and SMS if there's any problem with the systems. We have also employed top-notch system administrators with more than 10 years experience in the field that performs security audit (some shown below). In this way, BigBytes.Net is not only able to provide quality service but also exceeds its uptime guarantee.
- System Integrity Monitor - 24x7 Internal Monitoring of services.
- System Priority - Sets priority to current processes being run on your server, decreasing load 10-25%.
- Process Resource Monitor - Monitors all resources used by all processes and if a process is being flooded or causing high load on the server, it is killed.
- Linux Socket Monitor - Identifies rogue services.
- Brute Force Detection - Detects brute force connections and automatically enters the offending IPs into the firewall to be blocked.
- Linux Environment Security - Enforces root-only permissions on system binaries as well as other restrictions on system programs.
- /tmp & /var/tmp hardening – We harden /tmp and /var/tmp so no malicious scripts can be executed from the commonly used directory.
- /dev/shm hardening - Another place hackers tend to upload files to is /dev/shm. This directory is hardened as well.
- Optimize FTP Server for faster connections.
- Optimize MySQL & Apache to reduce load and speed up connections.
- Mytop installation to monitor MySQL connection in realtime.
- Secure Apache to reduce the amount of information visible about a server\'s software making it less vulnerable.
- Sysctl.conf Hardening - Prevents IP spoofing and prevents DNS poisoning.
- CHKRootKIt – Simple script that detects software used by hackers. It scans once a day and send emails if any suspicious scripts are found.
- Disabling Unused Services – We disable unused services to prevent them from being exploited.
- Firewall Installation - CSF iptables based firewall and anti-dos rulesets.
- TCP/IP Hardening – Prevents DDOS and SYN-Flood attacks.
- Logwatch – Sends a daily report with all activity that has taken place on the server for that day.
- Operating System Optimization – Optimize the OS for faster operation and load reduction.
- Disable Open DNS Recursion - Prevent foreign queries that strain your dns servers and prevent it from being utilized in DNS DDoS attacks.
- Remove unused software – We remove unneeded software to minimize the number of software that could possibly be exploited.
- Remove unused services – Unused services are shutdown and their ports closed.
- eAccelerator - eAccelerator dramatically decreases page loading times by caching php scripts in a compile state.
- SSH Server Hardening - locks down and hardens the SSH server.
- Mod_Security with our comprehensive ruleset - Adds another layer of security for web applications.
- Suhosin - advanced protection system for PHP
- Disable dangerous PHP functions.
- RKHunter - Comprehensive security analysis.
- Disable php functions - Disabling potentially harmful php functions.
- Dictionary Attack Prevention - Detects and blocks incoming dictionary attacks to email system.
- cPanel Tweak - Tweak WHM Settings for security and stability
Note: The above is a list of security features that we feel is sufficient to harden our servers. This will not guarantee that your site/account is hack-proof. We always recommend to our clients to keep their systems/PC free from virus and spyware (specially keyloggers) and keep third party script up to date with latest version and/or security patches. We also recommend clients to take a backup of their sites regularly for their own protection aside from our daily, weekly and monthly cpanel backup.