Kryptronic Info Center

The Info Center has articles on everything you need to get your site up and running with Kryptronic software. Hundreds of articles are available which contain tips, tricks, software updates and release notes, and everything you ever wanted to know about eCommerce, but were afraid to ask...

Kryptronic

The Right Stuff: Kryptronic eCommerce Hosting

This week in our continuing series on eCommerce software and hosting security, we’re discussing eCommerce hosting. You’ll see it takes The Right Stuff to host an eCommerce site…

Trust Issues Series Part 2 of 4: eCommerce Hosting

Today, in 2018, the Internet is a nasty place. Sites are under constant attack, being targeted by bots and malicious users day and night. Over the past decade we’ve seen threats to businesses on the web increase at an alarming rate. Here at Kryptronic, we maintain our Kryptronic Managed Hosting platform for our clients in order to provide them a secure place to do business. Our hosting environment evolves every day to ensure the highest levels of protection are available to every client.

In this article, we’re sharing some of what we do here at Kryptronic, and hope some of the information helps self-hosted clients secure their hosting environments, or might convince them it’s time to choose a host with The Right Stuff.

PCI Compliance

The Payment Card Industry (PCI) has mandated that all eCommerce sites be PCI compliant, and in addition to threat assessment, must pass quarterly PCI vulnerability scans. PCI was created to provide a set of requirements by which all eCommerce sites must operate in order to achieve a minimum level of security. Over the various versions of PCI, we have seen requirements become more and more stringent. In order to maintain PCI compliance, servers need to be effectively locked down against threats.

This requires disabling the ability to communicate via insecure channels – like disabling all standard/plaintext logins/services, and only allowing encrypted communications using TLS1.1 and higher. Security certificates must be in place for all services, and must be valid and trusted. Common threats like Cross-Site Scripting (XSS) and SQL Injections cannot be preset in the web space, along with a myriad of others. Only secure encryption ciphers can be used, and special server configurations are required for all services. A firewall has to be maintained, and access controlled to all ports. The list goes on, and on.

There are hundreds of tests that a hosting platform has to pass to pass a PCI scan. Sadly, most hosting platforms cannot meet these stringent requirements. We work hard to make sure ours does – our servers were even patched against the Spectre and Meltdown attacks way ahead of just about everybody else. The Kryptronic Custom Shop is available to all Kryptronic Managed Hosting clients to assist regarding all PCI issues.

Active Threat Monitoring

Kryptronic actively monitors every site hosted on our Kryptronic Managed Hosting platform. We work diligently to catch any and all threats directed towards our hosted clients. The methods employed are proprietary, complex and comprehensive. Since implementing Active Threat Monitoring in 2015, we have seen a significant, measurable difference between the integrity of sites hosted with Kryptronic versus sites hosted elsewhere on the Internet. The metrics that we’ve collected show Active Threat Monitoring works, and works extremely well.

Built and Tuned for eCommerce

The servers we deploy on our Kryptronic Managed Hosting platform are built to our specification. We choose the hardware, and the software. We manage the entire process of getting a server online, and getting it ready to host our eCommerce software for our clients. As a result, we have all sorts of options available for our clients – from small hosting accounts, all the way to purpose-built full servers. Resources are allocated across all servers to ensure every site runs as quickly and efficiently as possible. We do not overload our servers like some server farms.

We’ve tuned our servers to run Kryptronic eCommerce software. The tuning process involves optimizing server configurations to optimize resource usage and to expedite content delivery to the end-users. Our database server configuration is built to work well for busy eCommerce sites handling mission-critical transactions. Our webserver configuration is built to deliver content quickly and efficiently as possible to achieve the lowest possible response times, and thus increasing conversions for our clients. We run servers built to run sites that sell things.

Kryptronic eCommerce Software

Since our first eCommerce software version was released in 1999, security, reliability and speed have been our main focus. We build software you can count on, and our software has evolved over the last two decades, always staying ahead of the curve. Our Kryptronic eCommerce version 9 (K9) software, which is available now to existing clients, has been developed to build upon this foundation. Massive security enhancements have been added to K9, including many that address upcoming PCI requirements. Our software has migrated to a secure token-based authentication system with enhanced session management. K9 supports forced password rotation, password reuse exclusion, strong password requirements, device-based two-factor authentication, and account lockout and alert functionality. Plus way more…

K9 supports running on a single SSL URL, and has been built and tuned to achieve the highest levels of Search Engine Optimization. It uses a responsive design so it’s ranking very well on mobile (as well as all other) searches. It uses a consolidated inventory system, can hook into eBay and Amazon, has it’s own Point of Sale system available, can batch ship with USPS/UPS/FedEx using scanners, and way more. K9 is worth a hard look, if you’re not using it yet.

Kryptronic Managed Hosting

Many of our hosting clients have chosen Kryptronic Managed Hosting in order to provide a single point of contact for their online business operations. Whether it’s an issue with online store software, hosting, FTP, mail or whatever, our clients know who’s job it is to help. We’re always prepared to provide a resolution, as we manage the entire platform. There’s something to be said about having the company who built your eCommerce software also being the ones to host it on servers they purpose-built to do so.

If you are a Kryptronic Managed Hosting client, we would like to thank you for your continued support. We strive every day to keep your site running properly, as securely as possible. If you self-host your eCommerce site, please consider Kryptronic Managed Hosting. Contact our Custom Shop for a quote on your requirements. Our offerings go above and beyond what you can get anywhere else. We care about your success, and will work hard to keep your site operating as securely as possible.

Kryptronic: Security. Stability. Reliability