Bytase Blog

Latest news and updates

Security

ChangeLog 12/17/2014

Posted by: Thien Nguyen on Dec 17, 2014

The following changes have been made to our servers:

1. Increased DDOS security with DDOS_Deflate
2. Increased ConfigServer (CSF) Security and Firewall IP Deny from 200 to 2000
3. IncreasedConfigServer (CSF) Security and Firewall default PT_USERPROC and PT_USERMEM
4. Updated OptimumCache to version 0.2-14
5. Updated LveManager to version 0.8-1.47.12
6. Increased OptimumCache Ploop image from 5GB to 10GB
7. Updated Alt-PHP versions

  • alt-php54 updated to 5.4.35
  • alt-php55 updated to 5.5.19
  • alt-php56 updated to 5.6.3
  • alt-php*-ioncube-loader updated to 4.7.2;
  • alt-php*-phalcon updated to 1.3.4;
  • add PEAR packages: Net_Socket, Auth_SASL, Net_SMTP 44 & alt-php 51.

ChangeLog 11/5/2014

Posted by: Thien Nguyen on Nov 06, 2014

The following have been made to our shared servers:

1. ConfigServer Firewall Project Honey Pot blocklist enabled

Security and Cloudlinux

Posted by: Thien Nguyen on Oct 06, 2014

Going forward, we have implemented Cloud Linux Operating System. This will enable a more secured environment and a more robust platform. Hosts on the same server will not affect one another with performance. This coupled with solid state hard drives will deliver improved website performance and speed.

All CloudLinux innovations, such as CageFS, aim to improve security and stability on servers. So where other operating systems will allow entire servers full of customers to go down, CloudLinux stays stable by isolating the impact to the offending tenant.

Security is a big issue! And that is why passwords to cPanel now have to score at least a “50%” password strength as indicated by the password meter. Your default password that was randomly generated upon sign up will already have this strength, but you are free to update the password as you choose (within the 50%+ password strength). Furthermore, we noticed many failed attempts at Brute Forcing our logins. If you don’t know yet, Brute Force is a method that hackers try to implement in order to identify one’s password. They do this by running a programmable application or “bot” and literally trying hundreds of combinations of usernames and passwords in an attempt to “guess” the password correctly. We noticed most of these attempts (so far) originated from countries like Italy or China. By default, all our servers contain “cPHulk Brute Force Protection” and “ConfigServer” firewall. This helps us identify failed attempts and then blacklist the subsequent ip addresses. Don’t worry this won’t affect the end user, unless you forget your password and keep guessing it incorrectly. For this reason, we moved the number of login attempts. After x attempts to your cPanel account, your IP address will be banned for sometime before it will be released to you and allow you to retry. If after the xth attempt, you are unable to login, the IP address in attempt will be permanently black listed for a period of 2 weeks to indefinite. If you happen to forget your password, please first check your email as the initial password was mailed you. If you changed it and forgot your cPanel password, then please open up a support ticket and a staff member will verify your account with you, and help you reset your password.

Security is important. And it is equally important to keep track of your passwords, especially if it has monetary value to them. Among these security features, we have also implemented an antivirus scanner, malware related process killer, email spam assassin, and many more. In the near future, we plan to implement CloudFlare as a plugin feature on our cPanel.

CloudFlare protects and accelerates any website online. Once your website is a part of the CloudFlare community, its web traffic is routed through our intelligent global network. We automatically optimize the delivery of your web pages so your visitors get the fastest page load times and best performance. We also block threats and limit abusive bots and crawlers from wasting your bandwidth and server resources. The result: CloudFlare-powered websites see a significant improvement in performance and a decrease in spam and other attacks.

 

We will continue to improve daily and hope to provide a safe and reliable platform for everyone.

Stay Secured,

~ T