[Security] AMS Webhosting Security Features


Saturday, June 19th, 2010 - Security

This is a continuation of our Security Guide see the previous post.

AMS Computer Services tries to help in providing security tools and system checks to insure that your website remains safe. We perform many services in the background regarding the security of your webhosting account.

Routine Security Checks
We perform routine security checks to insure that the files on your account are safe and free from any known malicious code. While it is really impossible to scan for every tiny bit of malicious code, we do make the effort to try and identify malicious code to the best of our ability. Because it is impossible to know about every malicious software code, you should always practice good security behavior for your webhosting account.

Routine Script Checks
We try to perform version checks for certain popular scripts that are out there. If you are using an outdated version of the script, you should be notified and you should consider upgrading. AMS Computer Services cannot upgrade the script for you, this is an action that needs to be performed by the end-user client because that individual would be more knowledgeable of the customization that have been made to their webhosting account. We can only recommend and urge you to upgrade. We can, however, disable outdated scripts if we believe that they will be a security problem.

FTP Login Notifications
This is one of our newer services. We noticed a lot of account hackings taking place via FTP. One way to help in this aspect is to notify you when someone logs in via FTP. You, the account owner, then have to decide the legitimacy of that FTP login. While this does not stop an outright hacking via FTP, it can serve to notify you if and when an unauthorized FTP login occurs and this can warn to you that your login information has been compromised in some way. More information about our FTP login notification system can be found in this post.

Password Strength
One issue we had previously seen was that a lot of users were using simple and easy to guess passwords. A password can be the only thing that distinguishes you from an unauthorized person. If your password is easy to guess, then someone else that is not authorized to make changes to your account, can then become authenticated and authorized to make changes to your hosting account. For this reason a strong account password is encouraged. The more difficult it is for a password to be guessed at, the more secure your account is.

Steven