New Security Upgrades to Elevate Your Managed Batoi Hosting

Discover the latest security upgrades on Batoi's managed hosting servers. From enhanced FTP and SSH settings to monthly vulnerability scans, learn how we have taken your server security to the next level.

Batoi Research Group Oct 23, 2023 Facebook Twitter LinkedIn Pinterest

Today, we're excited to share some crucial updates that are about to roll out for our hosting services, including the RAD sandboxes. A secure hosting environment is the foundation of any successful online venture. That's why we are implementing a series of security upgrades to make your experience better and safer.

1. FTP Goes Fully Secure

We have upgraded the FTP connection security. All FTP commands will now require encryption, enabled through TLS. Don't worry if you haven’t used TLS before; it's a simple toggle in most FTP clients with the new sFTP port being 522. Also, the root user will no longer have FTP access for added security. The RAD sandbox users need not do anything, as the settings will automatically be adjusted.

2. Refined SSH Settings

Ever heard the saying, "Too many cooks spoil the broth"? The same can be said for root users in SSH. We're limiting root user access, meaning you'll log in as sshuser and use 'sudo su -' to perform tasks that require root permissions. The new SSH port is 522.

3. Stay One Step Ahead with Monthly Vulnerability Scans

Each month, our advanced scanning tools comb through your server's system and applications to identify any security weaknesses that cybercriminals could exploit. These comprehensive scans cover everything from outdated software and insecure configurations to potential firewall weaknesses.

Once a vulnerability is identified, the system categorizes it based on its risk level. High-risk vulnerabilities are flagged for immediate action, and you'll be notified promptly. Our team then takes corrective actions to fix these issues or guide you through the steps needed to strengthen your hosting security.

4. ModSecurity Rules for Robust Web Protection

We have added new ModSecurity rules for real-time web application monitoring and protection. If you find yourself locked out from parts of your website, don't panic! Contact us, and we can adjust the rules for those specific sections.

5. PHP.ini — More Secure Than Ever

We have tightened up PHP configurations by disabling appropriate native functions (show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen) that are often exploited to spread malware. Plus, PHP error reporting will be hidden from end-users, making it tougher for attackers to find weaknesses.

6. Secure Your Transactional Emails

Our Mail servers relaying through transaction email services have gone premium with higher SSL/TLS standards, so you'll need to tweak your transactional email settings to sync with these new security measures. The new secured SSL/TLS settings are:
IMAP Port: 143, POP3 Port: 110
SMTP Port: 587

7. Introducing ConfigServer eXploit Scanner & ImunifyAV

As part of our ongoing efforts to offer comprehensive protection, we have integrated the ConfigServer eXploit Scanner and ImunifyAV into our security suite.

Lastly, we added KernelCare Symlink Protection to safeguard against cross-account attacks. In summary, your security and peace of mind are top priorities for us at Batoi. All these updates are engineered to offer you an experience that is as smooth as it is secure. Our support team will assist you if you encounter any issues following these upgrades.

Need our assistance? We are available.

Learn More About Our Platform?
Schedule a Demo
An Existing Customer?
Get Support
Want Managed Service?
Request for a Quote
Report an Error