Secured by YottaSrc
I. Secured System
Secured is an exclusive YottaSrc service designed to take the worry out of correct configuration of a server, saving you both time and money. These default settings bring additional services and changes to a standard installation of the operating system and to the cPanel control panel. These changes/services are meant to improve the security, reliability and compatibility of the server with the applications. What, for you, would normally mean hours of "tweaking" or hiring a third party, is now provided for free by YottaSrc. Your server is secure and ready for use as soon as you take possession of it.
II. Firewall Protection
CSF (ConfigServer Firewall) is installed and configured. Unused ports of cPanel or from your application are blocked to enhance server security, TCP/IP stack is improved and is set to an ICMP limitation to prevent DoS attacks. Additionally, LFD (Login Failure Daemon) is also installed which protects your server against brute force attacks, automatically blocking attackers in firewall.
YottaSrc also takes additional security measures to protect against SYN DoS attacks, DNS poisoning and spoofing. The latest solution offered in this regard is the ARBOR protection system, which of course now becomes available to YottaSrc customers.
III. Anti-Spam / Anti-Virus Protection
Anti-spam filtering is configured based on Real-time Black hole List (RBL). Configuration and combination of nearly 10 blacklists is made to maximize spam filtering and keeping to a minimum the erroneous detections. Those lists are updated every hour to ensure constant protection of your server.
IV. Protection against HTTP attacks
ModSecurity, the detection and prevention engine for HTTP attacks, is configured for Apache. This module increases the security of web applications, protecting them both for known attacks and application-specific attacks. Protection rules are regularly updated to provide constant protection for your applications.
V. Strengthening the server
Besides the initial control that ensures proper installation of the operating system, control panel and updating all packages, YottaSrc perform many other adjustments to your server security. All unnecessary services are disabled and all unused packages are removed. SSH is strengthened and operating variables of the kernel are modified to increase security without affecting server operation.
VI. Preventing DoS HTTP attacks
DDoS-Deflate is installed for Apache. This module performs evasive actions in the event of an HTTP DoS attack, DDoS and brute-force attacks and works well both in distributed attacks and attacks coming from a single source.
The servers who initiate the attacks are blocked without disturbing the valid requests.
VII. Daily security audits
YottaSrc installs scripts that run daily and check the integrity of the system and possible traces of unauthorized access or exploits that could endanger the system. Rootkit Hunter and Chkrootkit are also installed for a daily scan of the system. If an anomaly is detected, YottaSrc technicians are notified and investigates your server manually to ensure its integrity.
VIII. Initial system Audit
- Server stress test - In the case of a dedicated server, the following components are checked: stress levels supported by the memory, processor, hard drive and system I/O. Standard YottaSrc procedure on all servers.
- Memory test - Memory testing to identify any errors. Standard YottaSrc procedure on all servers.
- Testing and updating the operating system-Ensure that the operating system is functioning normally and that all its components are updated
- Control panel verification - Check the parameters of the installed control panel
- Kernel verification - Installing the latest stable version of the kernel
- Configuring Backup - Ensure the correct operation of backup services
Configured servers and services are carefully monitored 24/7 to assure a rapid intervention of the YottaSrc technical team if the situation so requires. Also, the constant monitoring is useful for statistics regarding the use of resources, the prevention of overloading and implementing a way in general to proactively work for the improvement of services.
Among the services monitored, we note:
Last Update 06-10-2022