Server come installed with a variety of software including the operating system, control panel as well as related services like Apache, MySQL, Qmail and Bind. We are experts in all these programs and are able to fix any issues related to them. We also help our clients with any custom software and applications they install and often install programs free of charge.

We use two different firewalls here at HN. We deploy the popular Advanced Policy Firewall (APF) which filters out alot of undesirable traffic and also we deploy a custom firewall built by our admins to stop common PHP attacks. APF also automatically updates using the Spamhaus DROP list to block traffic consisting of stolen zombie netblocks and netblocks controlled entirely by professional spammers.

BFD (Brute Force Defence) is a modular shell script for parsing application logs and checking for authentication failures. It does this using a rules system where application specific options are stored including regular expressions for each unique auth format. The regular expressions are parsed against logs using the 'sed' tool which allows for superior performance as opposed to perl based regular expressions or using other tools.

We install and configure Apache modules mod_security and mod_evasive to help prevent against web application and denial of service (DOS) attacks. Mod_security is an intrusion detection and prevention engine which provides protection against a wide range of attacks. We also install and configure mod_evasive for Apache. This module allows Apache to provide evasive action in the event of an HTTP DoS attack, DDoS attack or brute force attack.

Spam is a huge problem and we provide all the necessary tools for our clients to combat this menace. SpamAssassin is installed by default and if used correctly it can filter out most spam. Our SpamAssassin installs also use Bayesian Training for increased effectiveness and our clients can employ training on their mail accounts if they choose. We also use Realtime Blackhole Lists (RBLs) for spam prevention.

Our servers are hardened on many levels and we have never suffered a serious security breach. The servers are hardened against syn-flood attacks, DNS poisoning, spoofed packets and ICMP attacks. We ensure proper directory permissions are set and protect the often exploited /tmp directory as well as removing unnecessary packages and disable unused services. This is just a small sample of the overall system configuration!

Security is not a "set once and forget" affair. A server requires regular checks and audits to ensure the system integrity. We install popular scripts Rootkit Hunter and Chkrootkit which scan servers for possible exploits as well as manually checking server performance on a regular basis.

This page is just a brief glimpse into the server administration that goes on in the backend 24 hours a day. If you have a dedicated server with us we treat your server just like one of our shared/reseller servers so you can assured that your server is well catered for.