After more than two decades of active existence, the web is now faced with never-before-seen security issues. In such a hostile and growingly unpredictable environment, it’s web hosting providers who need to shoulder the burden of keeping the integrity of site contents and shelter them from negative influences.
In a response to the global security crisis caused by cataclysmic bugs like ‘Heartbleed’ and the brute-force attack on WordPress sites, we are now in the process of reviewing and improving the overall security of our web hosting services so as to ensure a long-term protection of your sites and applications.
There was already a review of all the features and tools on our hosting platform that are centered around security.
What is left to be done is to ensure a fully encrypted communication over the entire range of client protocols.
As far as encrypted transmission of data over the HTTP protocol is concerned, we offer you a few SSL options that will allow you to transmit sensitive data on your sites over a secure connection. We’ve recently added an option to activate an SSL certificate by using a shared IP address for free, so as to make this option affordable to anyone.
To ensure an encrypted transmission of data over the FTP protocol, we have so far offered users access to sFTP – a security extension to FTP that allows customers to make a file-transfer-protocol connection with our servers by means of SSH.
Now we have enabled FTPs – another security extension to FTP, which uses SSL encryption to protect data as it is transmitted over a network.
In contrast to sFTP, which is accessible only to SSH users, the FTPs protocol is available to anyone who uses an FTP client.
To make use of FTPs, you will first need to make sure that your FTP client supports SSL encryption and then simply use the special FTPs server that is found next to the regular hosts for your account:
Regarding the email protocol, we are planning to review the current implementation of POP3s, IMAPs and SMTPs – the basic mail service encryption technologies, on our platform so as to make sure that they come up to the latest security standards.
Also, in the long run, we’ll be focusing our server network administration efforts on the implementation of DNSSEC – a security extension to the Domain Name System (DNS), which was created to address vulnerabilities in the system on a global level.