Ransomware attack

Discussion in 'Questions about Everleap' started by AlexAnd, Nov 10, 2019.

  1. As you may know, more and more web hosting providers today are being attacked and all their customers' files become encrypted by some kind of ransomware. My sites were suffered twice this year: on A2Hosting and now on SmarterASP. Now I'm considering to move everything to Everleap, attracted by your offered flexible scalability options. As you may guess, however, I worry about your ability to resist such threats. I suppose (may be wrongly), that the weakness of all major hosting providers is the way they try to reduce costs by using cheap outsourced support personnel (may be even a group of freelancers) that has either too high permissions in their systems or simply uses insecure connections. I don't even want to mention OS updates, which always must be applied in time. Anyway, please, tell something about the measures you apply to protect your customers from this danger.
    Last edited: Nov 10, 2019
  2. Takeshi

    Takeshi Everleap staff

    Yes, we are aware of the attacks on those two hosts and I'm sorry to hear that you suffered on both of them. We understand your concerns. While no host can state that they are 100% safe from similar attacks, we do what we can to reduce the probability of such attacks and we continue to improve our infrastructure and procedures. We do not outsource our support and we do not have freelancers with access to customer servers. We also strive to keep up to date with OS updates. We'll post some of the measures we take in a follow up.
  3. Takeshi

    Takeshi Everleap staff

    Sorry for the delay. I’m following up on your post. Please note that I can’t get into nitty gritty detail on our security practices and setup for obvious reasons. You are welcome to contact our support team and we can arrange a call. Our senior staff members have been in the hosting business since the late 1990s – so we have decades of hosting experience. Below are some of the measures we take for security.
    1. Server Updates
    2. Internal Staff Policies and Email
      • We strictly enforce use of strong passwords.
      • We strictly enforce changing passwords several times a year.
      • Email and computer virus scanning
      • We issue anti-virus for laptops and other computers that may remotely log into our intranet.
      • All support staff are in-house. We do not outsource support.
      • Continuous weekly staff training which cover security issues.
    3. Helpdesk policies
      • We drop any attached files with unknown extensions or problematic extensions
    4. Server Access
      • Remote Access: only limited staff authorized for remote access to servers
      • Physical Access: only limited staff authorized for physical access to datacenter
      • All server access activities are logged.
    5. Infrastructure
      • Backend
        • TippingPoint Intrusion Prevention System (IPS)
          • New malware signatures are updated as they are issued by vendor.
        • Redundant Firewalls
        • Strong and unique passwords for every server
        • Nightly backups for disaster recovery
      • Hosting
        • Do not allow RDP access for customers
        • We host all sites in their own Isolated app pool
        • Websites and database do not reside on same server
        • We do not install custom components in the server registry.
        • We do not allow .exe’s to run on the server
    6. Available Services
      • Customers can use Website Cloud Backup to schedule daily backups of their website files and databases onto the Amazon cloud. The Website Cloud Backup system allows customers to backup websites and databases that are hosted at Everleap and those hosted elsewhere. A separate control panel that resides outside our infrastructure is used to access and manage those backups.
      • SpamExperts
        • Customers can get cost-effective enterprise-class spam filtering through SpamExperts. Customers can use this service for emails hosted at Everleap or elsewhere. Incoming emails are routed to SpamExperts for scrubbing and only the legitimate emails are routed to Customer email inbox.
      • SiteLock: Website scanning
        • The SiteLock service includes daily scanning of customer websites to detect if any malware was uploaded to customer accounts. Higher level SiteLock services will do an FTP scan and detect if any files were altered and if any malware was uploaded and, for known malware signatures, malware is removed from the account.
      • Managed Services
        • The Everleap hosting system is a shared cloud hosting platform where many customers share the infrastructure resources. Therefore there are some constraints in place to make sure the infrastructure works for all customers. Since the system is shared, we cannot make unique settings for individual customers. However, if a customer requires special server configurations that cannot be accomodated on our shared cloud hosting platform, we do offer Managed Private Cloud hosting solutions – where we will set up a private cloud that is only used by one customer. In the scenario, we can customize the private cloud infrastructure to the customer’s requirements. The Private Cloud is fully managed so we'll take care of the server updates and security patching...etc. If you are interested in Managed Services, please contact our technical support team.
    AlexAnd likes this.

Share This Page