We have completed a series of improvements to the security systems protecting our hosting infrastructure. These updates strengthen the protection of all hosted websites, mail accounts, and services running on our servers.
What we improved
Our intrusion detection system, fail2ban, now runs 19 active security jails — each one monitoring a different attack surface including web traffic, email, FTP, VPN, and database access. We audited every jail to confirm that detected attackers are correctly and immediately blocked at the firewall level.
During this audit we discovered and fixed two issues. First, a misconfigured filter was failing to detect fake browser bots probing for vulnerable files such as .env, .git, and PHP exploits. The filter has been corrected and these bots are now actively caught and banned. Second, we confirmed that firewall rules are now automatically restored if the firewall service is ever restarted — previously a restart could leave ban rules temporarily inactive.
What this means for you
Malicious bots and brute-force attackers targeting your hosted websites and mail accounts are blocked faster and more reliably than before. IP addresses that trigger our detection rules are banned immediately and remain banned for extended periods, reducing the noise and load on your services.
lundi, mars 16, 2026
