Questions:
1) What versions of Linux, Apache, MySQL, PHP are we currently running?
Our shared servers run CloudLinux 7 and 8, Litespeed or Apache 2.4, Mariadb or Mysql 5.7. We have provide the option to run multiple (hardened) php versions from 4.4 to 8.1. The default version is 8.1. We also use the latest Release branch of cPanel.
2) Do we have a regular server update cycle?
CloudLinux and cPanel control most of the updates on the system. We still watch them closely.
3) What security features do we have in place (specific applications and technologies)?
Modsecurity with rules provided by Comodo WAF, updated regularly.
Malware scanners cxs and maldet, updated regularly.
4) What technology are we using to segment websites on this server (to prevent a compromise from spreading internally)?
We use CloudLinux's CageFS to isolate file access. CloudLinux limits resource usage.
5) What recovery features do we offer (nightly backups, etc)?
There are daily snapshots taken by the JetBackup system. cPanel has access to the account's backups. Backups are kept for 10 days. Of course there are cPanel's backup tools available for the customer to create their own backups.
6) What SSL certificate authority service are we using?
For our free SSL certificates that are managed through cPanel's autoSSL system the CA is Comodo.
For commercial certificates most clients use RapidSSL. However we can offer over 80 SSL products from multiple CAs.
7) Do we have any restrictions on WordPress Plugins?
No. However if they are malicious or exploitable without a patch we will ask you to remove them.
1) What versions of Linux, Apache, MySQL, PHP are we currently running?
Our shared servers run CloudLinux 7 and 8, Litespeed or Apache 2.4, Mariadb or Mysql 5.7. We have provide the option to run multiple (hardened) php versions from 4.4 to 8.1. The default version is 8.1. We also use the latest Release branch of cPanel.
2) Do we have a regular server update cycle?
CloudLinux and cPanel control most of the updates on the system. We still watch them closely.
3) What security features do we have in place (specific applications and technologies)?
Modsecurity with rules provided by Comodo WAF, updated regularly.
Malware scanners cxs and maldet, updated regularly.
4) What technology are we using to segment websites on this server (to prevent a compromise from spreading internally)?
We use CloudLinux's CageFS to isolate file access. CloudLinux limits resource usage.
5) What recovery features do we offer (nightly backups, etc)?
There are daily snapshots taken by the JetBackup system. cPanel has access to the account's backups. Backups are kept for 10 days. Of course there are cPanel's backup tools available for the customer to create their own backups.
6) What SSL certificate authority service are we using?
For our free SSL certificates that are managed through cPanel's autoSSL system the CA is Comodo.
For commercial certificates most clients use RapidSSL. However we can offer over 80 SSL products from multiple CAs.
7) Do we have any restrictions on WordPress Plugins?
No. However if they are malicious or exploitable without a patch we will ask you to remove them.
Comments
0 comments
Please sign in to leave a comment.