About DreamHost Security Notifications!

DreamHost has multiple levels of tech-oriented security services that we run for all of our customers at no extra cost (Web application firewalls, server/network firewalls, jailed environments, easy ways for customers to upgrade website software, secure server configurations, password generators and a highly skilled security and admin team to manage all of these services.) We have begun to take a user-oriented approach to security.

Even with the best firewalls and prevention methods, websites can still be compromised (and this makes us sad.) The top methods of compromise have been the same over the last few years, either an FTP/SSH password is guessed/stolen or the customer is unknowingly running insecure software on their site.

Our human oriented method to security is simple: We send emails periodically to customers whenever an emergent security concern comes up. Don’t be afraid of these emails, they’re just notices to let you know we’ve found something you should probably know about. We will never ask you to reveal login details or other key information about your account.

When/Where?
These emails are sent to the account owner, as needed when one or more of their sites may be threatened by criminals! This isn’t to say we will email everyone immediately when their site’s software has an update, only when our security team has identified their hosted sites may be vulnerable to an imminent attack. (sort of a warning before the storm)

What?
These email notifications will be sent from a DreamHost.com email address and will show up in your panel’s support history page.

We will contact customers if their sites are running software currently being targeted by malicious botnets or have been compromised already (e.g.. they’re hosting known web based backdoors.) Typically we will take any immediate action that is needed (such as taking a backdoor offline) but you will still need to take further steps to patch the security hole in your site! Our security team will be glad to help you with what to do, just reply to the email and our staff will be glad to help.

Why?
Site security is a joint effort. We prefer not to muddle with how you run your site, but we will let you know if there is something serious to be concerned about!

Web-based botnets are growing every day. We have multiple layers of security to help our customers’ sites prevent these attacks but site security can’t be left up to (and blamed on) your host. We want to help customers be more aware of security matters and take the proper actions to prevent becoming a victim.

How?
We perform a completely non-invasive review of each site’s web activity. Using the inferred information we can identify either insecure software or bot-net related activity running anywhere on our network. This scan reviews somewhere around 1,000,000 sites hosted across 20,000 or so servers, in only 30-45 minutes (yes, those numbers are real. Yes, that is actually really fast!). During the scans the sites function as normal, in fact there is no way they could be affected by this scan. If your site is detected as in danger we will keep it up and let you know of the danger (and what to do to prevent an attack). If your site has already been compromised we will do our best to quarantine the problem and let you know what to do next.