Security

What security features does FullSail System Offer

FullSail Systems takes security very seriously. Some from a server/OS standpoint we have enterprise-grade servers hardened to the latest security measures.
Some of the points we protect against are:

  • Malware
  • Blacklist Monitoring
  • Brute Force Prevention
  • Injection Prevention
  • Cross-site Scripting Prevention

We highly recommend that all sites using our production environments use SSL Certificates.

In addition to the server-level security measures we use partners like CloudFlare to add additional protection in the form of:

  • DDoS Protection
  • Web Application (or WAF)
  • Rate Limiting
  • DNSSEC

SSL

We automatically apply a free "letsencrypt" certification to all TDL's on any FullSail System Production Server. These Certificates automatically renew and there is no set up required. If you have purchased or wish to purchase an SSL we will install this certificate, to do so please open a support ticket.


Force HTTPS

To force your web application to load over HTTPS we can recommend using your .htaccess file. This file is typically located under the root directory ("/" or "/pulbic_html").

If you want to create this redirect on your own, the example below is a rough example of how to set up this redirect. There are variations of how to redirect but we find that this example will work for most web applications.

.htaccess Example - Force 301 Redirect for www to non-www with or without SSL "https"


RewriteEngine On

#Force non-www:
##301 Redirection without SSL
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]

##301 Redirection with SSL
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

NOTE:
If you are using a CMS, eCommerce, Flat-File CMS system there is a very high probability that your can force HTTPS via your administrators' panel. Please refer to your platform's documentation for additional details.


Backups and Restoring Points

Yes, we do take backups and snapshots regularly to safeguard your business contingency. For more information about our backup procedures and recovery protocols please visit Backup.


File Transfer Security

Yes, we do offer secure file transfers. For more information about our FTP procedures and how to set up a secure connection to your virtual server please visit FTP & FTPs.


Network Monitoring

We monitor our systems 24 hours a day / 7 days a week / 365 days a year.
All of our servers are monitored through 3 independent systems. For more information about monitoring please visit Monitoring


Antivirus and Malware Scanning and/or Removal

Scanning of our servers happens daily so nothing gets through without our knowledge. When systems are scanned and a file is flagged it will be automatically addressed. You will be notified immediately to take the proper actions to restore your web application to its intended state.