Batoi Research Group 
Today, we're excited to share some crucial updates that are about to roll out for our hosting services, including the RAD sandboxes. A secure hosting environment is the foundation of any successful online venture. That's why we are implementing a series of security upgrades to make your experience better and safer.
1. FTP Goes Fully Secure
We have upgraded the FTP connection security. All FTP commands will now require encryption, enabled through TLS. Don't worry if you haven’t used TLS before; it's a simple toggle in most FTP clients with the new sFTP port being 522. Also, the root user will no longer have FTP access for added security. The RAD sandbox users need not do anything, as the settings will automatically be adjusted.
2. Refined SSH Settings
Ever heard the saying, "Too many cooks spoil the broth"? The same can be said for root users in SSH. We're limiting root user access, meaning you'll log in as sshuser and use 'sudo su -' to perform tasks that require root permissions. The new SSH port is 522.
3. Stay One Step Ahead with Monthly Vulnerability Scans
Each month, our advanced scanning tools comb through your server's system and applications to identify any security weaknesses that cybercriminals could exploit. These comprehensive scans cover everything from outdated software and insecure configurations to potential firewall weaknesses.
Once a vulnerability is identified, the system categorizes it based on its risk level. High-risk vulnerabilities are flagged for immediate action, and you'll be notified promptly. Our team then takes corrective actions to fix these issues or guide you through the steps needed to strengthen your hosting security.
4. ModSecurity Rules for Robust Web Protection
We have added new ModSecurity rules for real-time web application monitoring and protection. If you find yourself locked out from parts of your website, don't panic! Contact us, and we can adjust the rules for those specific sections.
5. PHP.ini — More Secure Than Ever
We have tightened up PHP configurations by disabling appropriate native functions (show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen) that are often exploited to spread malware. Plus, PHP error reporting will be hidden from end-users, making it tougher for attackers to find weaknesses.
6. Secure Your Transactional Emails
Our Mail servers relaying through transaction email services have gone premium with higher
SSL/TLS standards, so you'll need to tweak your transactional email settings to sync with these
new security measures. The new secured SSL/TLS settings are:
IMAP Port: 143, POP3 Port: 110
SMTP Port: 587
7. Introducing ConfigServer eXploit Scanner & ImunifyAV
As part of our ongoing efforts to offer comprehensive protection, we have integrated the ConfigServer eXploit Scanner and ImunifyAV into our security suite.
8. KernelCare Symlink Protection
Lastly, we added KernelCare Symlink Protection to safeguard against cross-account attacks. In summary, your security and peace of mind are top priorities for us at Batoi. All these updates are engineered to offer you an experience that is as smooth as it is secure. Our support team will assist you if you encounter any issues following these upgrades.
