Secured by YottaSrc

I. Secured System

Secured is an exclusive YottaSrc service designed to take the worry out of correct configuration of a server, saving you both time and money. These default settings bring additional services and changes to a standard installation of the operating system and to the cPanel control panel. These changes/services are meant to improve the security, reliability and compatibility of the server with the applications. What, for you, would normally mean hours of "tweaking" or hiring a third party, is now provided for free by YottaSrc. Your server is secure and ready for use as soon as you take possession of it.

II. Firewall Protection

CSF (ConfigServer Firewall) is installed and configured. Unused ports of cPanel or from your application are blocked to enhance server security, TCP/IP stack is improved and is set to an ICMP limitation to prevent DoS attacks. Additionally, LFD (Login Failure Daemon) is also installed which protects your server against brute force attacks, automatically blocking attackers in firewall.

YottaSrc also takes additional security measures to protect against SYN DoS attacks, DNS poisoning and spoofing. The latest solution offered in this regard is the ARBOR protection system, which of course now becomes available to YottaSrc customers.

III. Anti-Spam / Anti-Virus Protection

Anti-spam filtering is configured based on Real-time Black hole List (RBL). Configuration and combination of nearly 10 blacklists is made to maximize spam filtering and keeping to a minimum the erroneous detections. Those lists are updated every hour to ensure constant protection of your server.

IV. Protection against HTTP attacks

ModSecurity, the detection and prevention engine for HTTP attacks, is configured for Apache. This module increases the security of web applications, protecting them both for known attacks and application-specific attacks. Protection rules are regularly updated to provide constant protection for your applications.

V. Strengthening the server

Besides the initial control that ensures proper installation of the operating system, control panel and updating all packages, YottaSrc perform many other adjustments to your server security. All unnecessary services are disabled and all unused packages are removed. SSH is strengthened and operating variables of the kernel are modified to increase security without affecting server operation.

VI. Preventing DoS HTTP attacks

DDoS-Deflate is installed for Apache. This module performs evasive actions in the event of an HTTP DoS attack, DDoS and brute-force attacks and works well both in distributed attacks and attacks coming from a single source.

The servers who initiate the attacks are blocked without disturbing the valid requests.

VII. Daily security audits

YottaSrc installs scripts that run daily and check the integrity of the system and possible traces of unauthorized access or exploits that could endanger the system. Rootkit Hunter and Chkrootkit are also installed for a daily scan of the system. If an anomaly is detected, YottaSrc technicians are notified and investigates your server manually to ensure its integrity.

VIII. Initial system Audit

Server stress test - In the case of a dedicated server, the following components are checked: stress levels supported by the memory, processor, hard drive and system I/O. Standard YottaSrc procedure on all servers.
Memory test - Memory testing to identify any errors. Standard YottaSrc procedure on all servers.
Testing and updating the operating system-Ensure that the operating system is functioning normally and that all its components are updated
Control panel verification - Check the parameters of the installed control panel
Kernel verification - Installing the latest stable version of the kernel
Configuring Backup - Ensure the correct operation of backup services

IX. Monitoring

Configured servers and services are carefully monitored 24/7 to assure a rapid intervention of the YottaSrc technical team if the situation so requires. Also, the constant monitoring is useful for statistics regarding the use of resources, the prevention of overloading and implementing a way in general to proactively work for the improvement of services.

Among the services monitored, we note:

Web Server (HTTP)
State of the control panel (cPanel, Webuzo)
Mail System (SMTP, POP3, IMAP, Numbers of mail in the waiting list)
Server services (SSH, FTP, etc.)
Databases (MySQL)
Server load
Server traffic (in/out)
I/O Level
Available space/ used space
Note: The servers for which customers have assumed the responsibility of administration will not benefit from applications and techniques detailed on this page.