Secure Server Hosting

SellCloud is designed to keep your servers secure and your data safe.

Your server hardware is powered by Hetzner Online, with hundreds of thousands of servers in operation, is one of the largest data center operators in Europe. Your App's maintenance are powered by ServerPilot which is optimized for hosting WordPress and PHP websites. Their team has a strong security background. Security research published by their team members includes identifying vulnerabilities in Linux package managers, designing secure software update systems, and securing browsers against CSRF exploits. If you have security questions or encounter any issues, please contact us.

Your Servers

ServerPilot uses the most advanced security architecture of any control panel to ensure the security of your servers.

DDoS protection

Hetzner Online will safeguard your cloud servers using the latest hardware appliances and sophisticated perimeter security technologies, providing you with first-rate protection against large-scale DDoS attacks. And all that free of charge.

Software Updates

All servers are configured to be automatically updated with security updates from the Ubuntu security repositories as well as the ServerPilot repositories. These updates are signed with the Ubuntu and ServerPilot GPG keys, respectively.

Code Signing

All ServerPilot code executed on your servers is signed offline with our GPG key. The signature is checked by your server before any code is executed.

Communications

All communication with ServerPilot performed by your servers is done over TLS encrypted connections.

The ServerPilot apt repositories are also served over HTTPS using TLS.

Password

When you set system user passwords or MySQL passwords using ServerPilot, we hash those passwords in the appropriate format and transmit them in hashed format to your server over a TLS encrypted connection.

Firewalls

ServerPilot configures an iptables network firewall on your servers. This firewall only allows TCP ports 22 (SSH), 80 (HTTP), 443 (HTTPS), and UDP port 68 (DHCP).

Public-Facing Web Server

ServerPilot configures Nginx with OpenSSL as the public-facing web server on your server. OpenSSL is used by the majority of the world's HTTPS websites to perform TLS encryption. Nginx is secure against Slowloris attacks due to its use of an event-driven (asynchronous) model rather than being multi-threaded.

Mail

ServerPilot configures the secure postfix mail server on your servers. This mail server is used only for your web applications to send outbound mail. It is not configured to accept mail from outside of your server and the firewall is not opened to allow outside communication with the mail server.

Secure Shell and File Transfer

Your servers are configured with SSH/SFTP for you to access your servers. We do not enable insecure FTP on your servers.

How to Change Server Security Settings