Back to Blog
Security
March 15, 20264 min read

How We Keep Your Servers Secure

Security is a core part of how we build and operate NoobHost. Here is an overview of the measures we use to protect your hosting services.

Encrypted Backups

All backups are encrypted with AES-256 before being stored. We perform daily automated backups with extended retention - daily, weekly, and monthly snapshots give you multiple restore points.

DDoS Protection

Every NoobHost service includes DDoS mitigation at no additional cost. Game servers receive layer-4 UDP flood protection, while web and app servers get layer-7 protection with rate limiting.

Firewall Hardening

Every server is configured with strict firewall rules. Only the ports required for your service are open. Management interfaces are restricted to our internal infrastructure - they are never exposed to the public internet.

SSL Everywhere

All web services get free SSL certificates via Let's Encrypt, provisioned automatically during setup. Certificate renewal is handled automatically.

SSH Security

  • Password authentication is disabled - SSH key only
  • Root login is restricted
  • Access to infrastructure goes through a hardened bastion host
  • All SSH sessions are logged and monitored

Secrets Management

All credentials and API keys are stored in HashiCorp Vault. Secrets are never hardcoded or stored in environment files. Services retrieve credentials at runtime through authenticated Vault requests.

Monitoring and Alerts

We continuously monitor all services for availability, resource usage, and security events. Alerts are triggered when:

  • A service goes down
  • Resource usage exceeds thresholds
  • Suspicious login patterns are detected
  • Security patches are available

Automatic Patching

Operating system and security patches are applied regularly. Critical patches are deployed within 24 hours of release.

Your Responsibility

While we handle infrastructure security, the security of your applications and configurations is a shared responsibility. We recommend:

  • Using strong passwords and enabling two-factor authentication
  • Keeping your application software up to date
  • Reviewing your server logs regularly
  • Maintaining your own backups alongside ours

For security concerns, contact us at security@noobhost.com.

How We Keep Your Servers Secure - NoobHost Blog