FAQ: What makes Sonassi more secure

What makes Sonassi more secure

As standard you’ll get …

  • All your servers are in their own VLAN
  • Three levels of firewall
    • Hardware firewall
    • Intrusion detection device
    • Web application firewall
  • A DOS filter
  • AES256 hardware accelerated encrypted VPN tunnel
  • Total isolation between load balancer, web server, database server, mail server, access server and monitoring server
  • Total isolation between domain-groups (ie. production and development stores)
  • Vulnerability scanner for both Magento patches and other exploits/anomalies
  • Latest generation SSL ciphers, with an “A” score on SSL Labs (also hardware accelerated)
  • Built in security features like
    • Admin protection
    • Downloader protection
    • API protection
  • Secure cron wrapping and execution
  • Detailed audit logging including
    • PHP differentials
    • JS differentials
    • File changes
    • Last logins
    • Currently issued VPN bundles and SSH keys
  • Email audit log notification
  • Support to securely install WordPress
  • Long term log storage available

There’s probably another 20 things that we do around security behind the scenes and operationally as a business.

Let me be clear when I say, we don’t take security lightly. The OS used for your hardware is the same OS we use for customers processing thousands of orders per hour, so you benefit from the same level of security as they do.

And remember, I’ve only scratched the surface as security is just one of the key 4 features of MageStack; Security, Speed, Scalability and Reliability.