Security Feature


Firewall Protection:

  • APF Configure both ingress and egress firewall protection.
  • BFD Detect and prevent brute force attacks.
  • CPHulk Detect and prevent brute force attacks.

Spam Prevention and Anti-Virus Protection:

  • ClamAV Configure for e-mail scanning. Enable auto-updating anti-virus definitions.
  • Realtime Blackhole Lists (RBLs) Configure email server with RBLs to prevent spam.
  • Harden Mailserver Configuration Prevent against detection of valid e-mail address through brute-force attacks. Also enable HELO verification and other sanity checks.
  • Dictionary Attack Protection Prevent spammers guessing email addresses on your server.
  • Checksum-based Collaborative Filtering DCC and Razor to detect mass-mails.
  • OCR Technology Optical Character Recognition engine to detect spam in email as images and PDF files.
  • Custom rulesets Custom hand-selected SpamAssassin and ClamAV rulesets to increase spam detection.

HTTP Intrusion and DOS Protection:

Free DDOS Protection upto 25,000 pps

  • Mod_security Install and configure mod_security for Apache with auto-updating ruleset.
  • Mod_evasive Install and configure DOS, DDOS, and brute force detection and suppression for Apache.
  • PHP SuHosin PHP Hardening through the Hardened PHP Project. Available on request.

Server Hardening:

  • Disable IP Source Routing Enable protection against IP source route attacks.
  • Disable ICMP Redirect Acceptance Enable protection against ICMP redirect attacks.
  • Enable syncookie protection Enable protection against TCP Syn Flood attacks.
  • Enable ICMP rate-limiting Enable protection against ICMP flood attacks.
  • Harden host.conf Enable spoofing protection and protection against DNS poisoning attacks.
  • Harden Apache Prevent module and version disclosure information.
  • Harden SSH Allow only SSH version 2 connections.
  • Harden Named Enable protection against DNS recursion attacks.
  • Ensure Filesystem Permissions Fix permission on world writable directories and prevent against directory-transversal attacks.
  • Harden temporary directory and shared memory locations Enforce noexec, nosuid on tmp and shm mounts.
  • Harden “fetching” utilities - Allows root-only access of wget, curl, and other utilties often used in web-based attacks.
  • Remove unnecessary packages removes RPMS which are not needed to prevent against potential vulnerabilities and free up disk space.
  • Disable unused services Disable services which are not used.
  • Disable unneeded processes Disable processes which are not needed for server operation.
  • PAM Resource Hardening Protects against exploits which use core dumps and against user resource exhausting through fork bombs and other shell attacks.
  • PHP Hardening Enable OpenBaseDir protection.

Server Optimization:

  • Optimize TCP/IP stack Various changes to TCP/IP stack to increase buffers and optimize for server environment.
  • PHP Configuration Enables widely used PHP modules for maximum compatibility.
  • MySQL Optimization Optimizes MySQL performance for server configuration and enable query caching.
  • PHP Caching Optimizes PHP performance through EAccelerator script caching.
  • FFMPEG and related software support FFMPEG, Mencoder, flvtool2, and all related applications.
  • Graphic Applications Installs widely-used graphic applications NetPBM and ImageMagick.
  • Monitoring Applications Installs MyTOP, Iptraf, and Iftop utilities to easily monitor server performance.

Security Audits:

  • Rootkit Hunter Nightly scan to detect system intrusions.
  • Chkrootkit Nightly scan to detect system intrusions.
  • Nobody Process Scanner Scans for unauthorized "nobody" processes.


Send Your Query

cPanel is the best control panel on the market

FREE MIGRATION

Sit back, we will migrate your site for free

FREE INSTALLATION

E-commerce, Forum, gallery, blog, cms, ect.

Checkout Host LLC
795 Greens
Allentown (lehigh), NJ 08501
(609) 325-2001 (USA)