We understand the necessity of high availability to our customers and make every effort to provide services that consistently exceed your expectations.
The following is a summary of the kinds of levels of service that we offer to our customers to ensure maximum availability and performance. Please contact support for additional information and terms.
Our servers are located in datacenters in Europe, North America and South East Asia. They feature excellent worldwide connectivity, robust networking products, Tier-1 bandwidth, and redundant 40G hypervisor connections to ensure 99.99% datacenter uptime and throughput.
- Certification. Datacenters are individually audited and certified by various internationally-recognized compliance standards including SOC 1, SOC 2, PCI-DSS and ISO 27001.
a Highly available network connectivity to multiple major carriers for the highest possible availability and speed.
- Redundant electrical systems. Electricity outages are prevented by multiple power feeds, own power generators and enterprise-class UPS technology.
- High-end physical security. We use only premier datacenter facilities for colocating our equipment including: Equinix, Telx, and Telecity. Each site is staffed 24/7/365 with onsite security and to protect against unauthorized entry. Each site has security cameras that monitor both the facility premises as well as each area of the datacenter internally. There are biometric readers for access as well as at least two factor authentication to gain access to the building. Each facility is unmarked so as not to draw any additional attention from the outside and adheres to strict local and federal government standards.
We use resizable SSD-based servers that are billed hourly. They offer the right amount of RAM, CPU, and local storage space needed, which can be easily upgraded within 5-10 minutes. Our infrastructure includes:
- SSD performance. Everything runs on SSD.
- Highly available storage. We have the ability to easily scale storage volumes up to 16TB
- Highly available data. Our data is replicated multiple times across different racks, reducing the chances of data loss in case of hardware failure.
- Reliability and security. All your data is encrypted at rest and transmitted to the servers over isolated networks.
- Seamless Infrastructure Monitoring. Collect metrics for visibility, monitor server performance, and receive alerts when problems arise in your infrastructure.
- Load Balancers distribute incoming traffic across our infrastructure to increase our application’s availability.
- Complete Setup. Including NGINX, MySQL, Postfix, PHP 7 and other dependencies with a single command.
- Config Optimization. Automatically tweaks server configuration as per available hardware resources.
Automatic Server Updates
We shall use all reasonable commercial efforts, being no less than accepted industrial standards in this regard, to ensure that the hosting service is available to you 99.95% of the time in any calendar month. This translates to about 25 minutes of accepted downtime per month, mostly because of scheduled maintenance and update procedures.
A scheduled downtime is when we know it is going to happen and we will have informed you about them beforehand. Scheduled interruptions, will be outside normal office hours. Whatever maintenance will be done at night or at the weekend to minimize the impact on your business.
There may, of course, be times when the server will not be available. These may be tactical or not.
There may be very rare cases that we should restart the server during normal office hours and we can not let you know before. We do not make these decisions lightly and if that happens, we apologize.
Unplanned downtimes are when the server stops, without us knowing it is going to happen. In case of a minor error, we will fix it and your application will be available again as soon as possible. However, at times, failures or errors can occur in the hardware of the server. Based on the agreements we have with the providers, these errors will be corrected, without a charge of course by you, within a maximum of 6 hours.
We monitor all our servers and managed applications every 5 minutes and we get notified instantly when an unscheduled downtime occurs.
We are pre-installing SSL certificates on all of our websites and applications as a first layer of security. If there is no other specific demand from the client, we go with Let’s Encrypt SSL which is provided for free. SSL is the standard security technology for establishing an encrypted link between a web server and a browser. This means that by default all data passed between the web server and browsers remain private and integral.
The next security layer is installed on the DNS of every domain using Cloudflare services. Some key features of the Cloudflare services are:
- DDoS Protection. Our enterprise-class DDoS protection network has 20 times more capacity than the largest DDoS attack ever recorded. Operating at the network edge, it protects against all forms of DDoS attacks.
- WAF. Our web application firewall benefits from the collective intelligence of our entire network. When we identify a new threat from one website, we can automatically block it from the other 6 million websites on our network.
- Rate Limiting. Rate Limiting protects your critical resources by providing fine-grained control to block visitors with suspicious request rates.
Platform dedicated security
The third and last layer of security is located on the platform core (wordpress). We tweak different settings based on client needs in order to close as many potential backdoors to the application.
Our list of security measurements:
- Limit login attempts when logging in by IP address or entire subnet.
- Monitors logins made by login forms, XML-RPC requests or auth cookies.
- Permit or restrict access by White IP Access list and Black IP Access List with a single IP, IP range or subnet.
- Log all activities related to the logging in/out process.
- Hide wp-login.php, wp-signup.php and wp-register.php from possible attacks and return 404 HTTP Error.
- Hide wp-admin (dashboard) and return 404 HTTP Error when a user isn’t logged in.
- Create Custom login URL (rename wp-login.php).
- Immediately block IP or subnet when attempting to log in with non-existent or prohibited username.
- Disable WP REST API
- Disable XML-RPC (block access to the XML-RPC interface including Pingbacks and Trackbacks)
- Disable feeds (block access to the RSS, Atom and RDF feeds)
- Restrict access to XML-RPC, REST API and feeds by White IP Access list with IP or IP range.
- Disable automatic redirecting to login page.
- Stop user enumeration (block access to the pages like /?author=n)
- Proactively block IP subnet class C for intruder’s IP.
- Antispam: reCAPTCHA to protect WordPress register and comment forms.
- reCAPTCHA for WooCommerce & WordPress forms.
- Invisible reCAPTCHA for WordPress comments forms
- Citadel mode for massive brute force attack.
- Play nice with fail2ban: write failed attempts to the syslog or a custom log file.
- Filter out and inspect activities by IP address, user, username or a particular activity.
- Filter out activities and export them to a CSV file.
- Limit login attempts works on a site/server behind a reverse proxy.
- Notifications by email or mobile push notifications.
We take regular full backups of your server as part of our service. We are able to restore individual files, directories or databases without overwriting your entire server – only targeted data is overwritten, and only upon your request.
All platform backups (files & database) are stored offline to a predifined location, based on client’s needs. We can support automatically uploading and storing the backups in cloud storage services (dropbox, google drive, onedrive, amazon S3, google cloud storage, azure), remote servers using SFTP or simple emailing you the backups. (some of the offsite backup destinations offered with extra cost)
We retain a rolling backup history, so that we can restore any one or more files from any of your recent backups upon request. The number of backups stored are based on client requirements but our policy is to keep full server backups daily for the last 5 days, platform file backups daily for the last 7 days stored offsite and database backups daily for the last 30 days stored offsite.
Backup integrity and availability are important to us, but from occasionally operational reasons such as software or hardware malfunction, or a backup or restore process taking longer than normal to complete, may prevent us from maintaining the configured backup frequency or overall number of backup snapshots.
However, we guarantee to have at least 80% of the configured backup snapshots available to restore to your server.
Support and Server Management refers to the technical assistance and administration conducted by us to help you with your application. It forms a critical part of our service to you and makes the difference between your application working as you need it, and your application malfunctioning.
Our support staff is available for email, ticket or chat support during working hours, from 7:00 GMT to 19:00 GMT. The easiest way is through our support portal support.elegrad.com
Response time on support requests, problem resolution (network down, machine failure, etc.) as well as attitudes and consideration of the technical staff, is up to 30 minutes from the initial request. After that, the response time varies due to problem or request difficulty.
During Greek National Holidays and between 1st to 20th of August, limited online ticket and email support is available. Emergency network support is available 24/7. We monitor all vital services 24/7, even on holidays.
What are Cookies?
A cookie is a small piece of data that our application asks a user’s browser to store on his computer or mobile device. Generally, it contains certain information that is not personally identifiable to the user, but is used to improve and personalize the web experience. For example, a cookie can include the date and time of visits to the application, the pages viewed, the time spent on the application etc.
If a user interacts with our application, third-party cookies may also be installed (for example, by clicking on social media buttons or viewing videos housed on other sites). They are established by a domain different than our website and are subject to the relevant websites’ policies. We cannot access the data stored in cookies of other websites when a user browses these other websites.