Secured by Hostico

The Secured standard developed by Hostico for data security

Security standard
Security standard
Content

I. Secured System
II. Firewall Protection
III. Anti-Spam / Anti-Virus Protection
IV. Protection against HTTP Attacks
V. Server Hardening
VI. Prevention of HTTP DoS Attacks
VII. Daily Security Audits
VIII. Complete List of Secured Services
IX. Applications
X. Initial System Audit
XI. Monitoring

I. Secured System

Secured is an exclusive Hostico service designed to eliminate the worries of correctly configuring a server, saving you both time and money. These initial settings provide additional services and modifications to a standard installation of the operating system and the cPanel control panel. These modifications/services aim to improve the security, reliability, and compatibility of the server with applications. What would normally mean hours of "tweaking" for you or hiring a third party is offered to you for free by Hostico. Your server is secured and ready for deployment as soon as you take possession of it.

II. Firewall Protection

CSF (Config Server Firewall) is installed and configured. Unused ports by cPanel or your applications are blocked to enhance server security, the TCP/IP stack is improved, and an ICMP limiting is set to prevent DoS attacks. Additionally, LFD (Login Failure Daemon) is installed to protect the server against brute force attacks, automatically blocking attackers in the firewall.

Additionally, Hostico takes extra security measures for protection against SYN-type DoS attacks, DNS poisoning, and spoofing. The latest solution offered in this regard is the ARBOR protection system, which has also become available to Hostico customers.

III. Anti-Spam / Anti-Virus Protection

The anti-spam filtering based on Realtime Blackhole List (RBL) is configured. The setup and combination of nearly 10 blacklists are made to maximize spam filtering and minimize false detections. These lists are updated hourly to ensure constant protection of your server.

IV. Protection Against HTTP Attacks

The HTTP detection and prevention engine, Mod Security, is configured for Apache. This module enhances the security of web applications, protecting them from both known attacks as well as application-specific attacks. Protection rules are updated periodically to provide constant protection for your applications.

V. Server Hardening

In addition to the initial control, which ensures the correct installation of the operating system, the control panel, and the update of all packages, Hostico performs many other security adjustments to your server. All unnecessary services are disabled and all unused packages are removed. SSH is hardened and the kernel's operating variables are modified to enhance security without affecting the server's operation.

VI. Preventing HTTP DoS Attacks

DDoS-Deflate is installed for Apache. This module takes evasive actions in the event of an HTTP DoS, DDoS attack, or brute-force attacks and works well for both distributed attacks and attacks originating from a single source.

The servers that initiate the attacks are blocked without disturbing valid requests.

VII. Daily Security Audits

Hostico installs scripts that run daily and check the integrity of the system as well as possible traces of unauthorized access or exploits that could jeopardize the system. Rootkit Hunter and Chkrootkit are also installed for a daily system scan. In case of detecting an anomaly, Hostico technicians are notified and manually investigate your server to ensure its integrity.

VIII. Complete List of Secured Services

  • CSF (Config Server Firewall) - An advanced firewall to block unused ports and enhance system security
  • LFD (Login Failure Daemon) - Detects and blocks brute force attacks
  • ClamAV Email Antivirus - ClamAv scans incoming and outgoing emails for viruses, trojans, and various worms
  • Anti-Spam Filtering - Activating anti-spam filtering systems via RBL (Realtime Blackhole List)
  • Chkrootkit - Checks the system for commonly used rootkits, backdoors, and exploits. It also checks for other signs of intrusion.
  • Rootkit Hunter - Checks the system for commonly used rootkits, backdoors, and exploits. It also looks for other signs of intrusion as well as the system's binary files.
  • Mod_security - Intrusion prevention system by filtering exploits.
  • Disabling unnecessary processes - Disabling all services that are not required for the proper functioning of the system
  • Removing unnecessary packages - Removing all packages that are not required for the proper functioning of the system
  • Securing temporary directories - Securing /tmp, /var/tmp and other directories to prevent the uploading and execution of prohibited binary files
  • SSH Hardening - SSH Hardening to prevent brute-force attacks
  • Daily security audits - Installation of certain scripts that run daily to check the integrity of the system
  • Hardening PAM resources - Tightens PAM restrictions to prevent various attacks
  • Sysctl Hardening - Modifying kernel values for TCP/IP stack hardening to prevent and protect against various attacks
  • Suhosin - Advanced protection system for PHP that protects PHP applications from various known as well as unknown attacks through different methods.

IX. Applications

  • MyTop - MySQL TOP - the level of MySQL usage in an interface similar to the Unix command "top";
  • IPTraf - detailed traffic monitoring
  • ifTOP - monitoring traffic on the server's IPs

X. Initial System Audit

  • Server stress test - In the case of a dedicated server, the stress level supported by memory, processor, hard disk, and I/O systems is checked. Standard procedure on all Hostico servers.
  • Memory test - Testing memory to identify any errors. Standard procedure on all Hostico servers.
  • Testing and updating the operating system - Ensuring that the operating system is functioning at normal parameters and that all its components are updated
  • Control panel check - Verifying the parameters of the installed administration panel
  • Kernel Check - Installing the latest stable version of the Kernel
  • Backup Configuration - Ensuring the proper functioning of backup services

XI. Monitoring

The configured servers and services are closely monitored 24/7 to facilitate a rapid response from the Hostico technical team when the situation demands it. Additionally, constant monitoring is useful for statistics regarding resource usage levels, preventing overloads, and implementing a proactive working mode in general for service improvement.

Among the monitored services we note:
  • Web Server (HTTP)
  • Control panel status (cPanel, Webuzo)
  • Mail System (SMTP, POP3, IMAP, Number of emails in the queue)
  • Server Services (SSH, FTP, etc)
  • Database (MySQL)
  • Server load
  • Server traffic (to/from (in/out))
  • I/O Level
  • Available/used space

    Note: The servers for which clients have taken on the responsibility of administration do not benefit from the applications and techniques detailed on this page.