Dedicated Hosting Cluster
Security and Performance is at the core of MetaShield’s Distributed Cloud Network. All communication with your web application is always transported over HTTPS (TLS 1.2+) and High Network Availability is achieved through a Distributed Cloud Network.
Performance, High Availability and Redundancy
The MetaShield Distributed Cloud Network includes an integrated global Content Delivery Network (CDN) that boosts website speed by caching static website content. CDN caching options are managed by MetaShield for optimal performance to suit each website’s requirements. All Business Hosting Solutions provided by MetaShield support High Availability and Redundancy in case of a network or server node failure. The Active Monitoring of the Web Application nodes at the Cloud Entry Point to allow for Active-Passive Hot Standby failover solutions. This also includes, a Distributed Data Centre configuration that locates standby nodes in Geographically separated Data Centres based within the EU.
Web Application Firewall
The Web Application Firewall (WAF) provides the first line of defence from bad actors including automated Bots that are probing your website for information and known vulnerabilities. The Web Application Cloud Entry/Firewall provides protection through Intrusion Prevention System (IPS). Your sites performance will be improved by eliminating undesired bad traffic from reaching your web server.
Monitoring, Detection & System Integrity
MetaShield provides active continuous website monitoring, intrusion detection and alerts with daily updates. Our monitoring service scans websites for malware, hacks and blacklist status. A key element in the protection of a site is the early detection of signs and indications of compromise (IOC) and alerts so that immediate action can be taken. Monitoring the system integrity provides early warning and signals for unexpected changes to your website infrastructure. The early detection of indicators of compromise allow for actions to be taken to isolate and protect systems and minimise impact and risk to your business and customers:
- SSL Certificate Monitoring
- Malware Scanning Internal & External
- WordPress & Plugin Integrity
- Site Uptime & Resource Monitoring
- DNS Monitoring
- Blacklist Status
- WordPress CVE Monitoring
- Privileged WordPress Accounts
Full HTTPS with SSL Certificate Provisioning
With MetaShield’s actively monitored SSL Certificate Provisioning and Renewals, your website’s SSL Certificate will be renewed automatically. SSL Certificates are applied to both the Web Application Firewall and all website Active and Standby nodes. MetaShield can apply SSL Certificates that we generate on your behalf or apply enhanced EV SSL Certificates provided by customers.
The use of the unsecured HTTP protocol presents a vulnerability risk to your website visitors. MetaShield applies Full HTTPS with Protocol Redirection. In addition, MetaShield configures your website for HSTS to inform browsers to always access the website via HTTP, even when a HTTP link may be present. MetaShield’s Cloud Network utilises HTTPS web protocol communication throughout all public communication and supports TLS 1.2 or higher in order to meet the Payment Card Industry Data Security Standards (PCI DSS). Browsers that do not support TLS 1.2 or higher will not be supported (Mandatory PCI Requirement from 30th June 2018). To protect customer details and privacy, all pages in the website are served over HTTPS with minimum TLS1.2.
High Availability Hosting Stack
The High Availability Vertical Core (HAVC) Hosting combines a vertically scalable web application with High Availability protections. The HAVC solution is best suited to SMEs and applications that do not require distributed horizontal scaling.
Data Centre Certification
MetaShield Cloud Infrastructure only incorporates Data Centres that are fully ISO 27001: 2013 compliant. In Addition, the Data Centres have been Certified for the PCI-DSS requirements to allow support secure payments on the Cloud Infrastructure. Our Managed Hosting Solutions are deployed by default in SOC 2 Type II Data Centres that are located within EEA. By default, UK based Data Centres have been excluded from our Infrastructure pending Brexit outcome and new UK Relationship. The use of non-EU Data Centre is available upon request.
Fully Managed WordPress Stack Maintenance
MetaShield’s security first approach requires proactive monitoring, updating and maintenance of Web Server’s software components to ensure compliance and performance for websites and web applications. The regular updating, testing and application of software updates is a key measure used to mitigate risk and protect websites from exploitation of known vulnerabilities.
A comprehensive scheduled maintenance programme is provided through MetaShield’s Software Maintenance Services.
Software Maintenance & Patching Schedule:
Component | Monitoring | Scheduled Updates |
Core Operating System | Daily | Weekly Patches |
Web Services Stack | Daily | Weekly Patching |
WordPress Core | Daily | Monthly Updates |
WordPress Plugins | Daily | Monthly Updates |
WP Premium Plugins | Monthly | Monthly Updates |
Parent Theme | Monthly | Monthly Updates |
PHP Major Version | Monthly | Quarterly Upgrade |
MariaDB Major Version | Monthly | Quarterly Upgrade |
Debian OS Major Version | Quarterly | Annual Migration |