Partners
Methods of payment
Contact
Abuse
English

PQ.Hosting strengthens security measures for customers

20.05.2024, 19:21
PQ.Hosting strengthens security measures for customers

PQ.Hosting continues to grow rapidly, providing high quality services worldwide. We value our customers' trust and work tirelessly to improve our infrastructure and security. 

Unfortunately, our extensive features and benefits attract not only honest users, but also malicious users who use our services to attack enterprises, the public sector, and ordinary users. While it is difficult for us to completely prevent this from a technical standpoint, our team is actively working to strengthen our defenses.

Initiatives to improve security

Since the beginning of 2023, we have decided to boost up the fight against the pests in our infrastructure.

The first step was to block port 25 for all newly created VPS. We unblock the port only when a user is verified in the system.

This measure allowed us to effectively fight against unsolicited mailings from our servers and we can proudly say that in PQ.Hosting the number of complaints is kept to a minimum and any new violator is being instantly blocked in the system without the ability to restore the access. 

Today we are pleased to announce a full list of additional measures that have been put in place over time to ensure the safety and pureness of our network:

Below we would like to list the path that a client should pass through before getting the ability to receive any service. If at any stage a client fails to pass - he will not be able to use our services.

  1. We introduce an email and a phone number confirmation for all customers. Clients will have to follow the link from the mail and enter the code received via sms. Without this, the client will not be able to use the services. This is the initial stage of screening out bad clients.

  2. Client's account is verified in fraudrecord database. If the client's mail or IP address is in the database - we will send the client to KYC without an ability to purchase any services until the successful verification.

  3. Account is checked for the type of mail services is being used. If a Protonmail or disposable temporary mail is being used - the customer is also sent to KYC without the possibility of ordering services until the successful verification. In our auto-updated database we have more than 135000 disposable mail service providers, from where access to registration is blocked completely.

  4. We also check the client's IP for multiple registrations of other accounts for a certain period of time. If such an activity was noticed - the client is sent to KYC without the possibility of ordering services until the successful verification.

  5. The final check before a customer is allowed to place an order is to check if the client's IP address belongs to TOR. If it does, we send the client to KYC without the ability to order services until the successful verification.

  6. Multi-accounts - we closely monitor each multi-account case and when such a case is detected, such a client should pass the KYC.

  7. ...and many other algorithms. Unfortunately, we can't disclose all the details of our antifraud system to prevent scammers from bypassing it.

We'd like to emphasize one more time: If a client falls under KYC verification - he/she cannot buy/renew the service until passing the verification successfully!

Furthermore, when a client receives a service and starts using it, we closely monitor the activity of his actions. Thus, we have AbuseIPDB service in fully automatic mode, which constantly and automatically analyzes each IP address and in case of detecting abnormal activity blocks the server and sends the client to undergo KYC. After the verification, the security service makes a decision: to block the client or to give an opportunity to correct the error in the settings in case the account has been hacked or the servers have been incorrectly configured, but the client had no malicious intent in his actions.

Not only we use the Fraudrecord database, but we are constantly updating it with new data on intruders to help keep our own servers and servers of other users of the database secured.

Handling complaints and inquiries:

The security department on 24/7 bases processes all the requests that we get at [email protected] and [email protected]. Not a single application remains without our attention. We carefully study the complaint, check the client, his activity on the server, payment methods, and if we suspect that the complaint is justified, we block the service and send the client to KYC.

In particular, we help authorities fight criminals by providing all the information about the offender. In addition, we store the data of blocked services on our secure server so that the authorities can always retrieve the data even for services that have already been deleted.

What's next?

Soon, we plan to introduce products to automatically block viruses and other illegal activities on our network. And we will continue to work and do our best to prevent all those who want to use PQ.Hosting services for illegal purposes starting from the moment of registration.

Working on confidentiality and trust

We realize that the introduction of additional verification measures may raise questions amongst our honest customers and those who have nothing to hide. However, this is done solely to make our service absolutely secure from detractors.

Our goal is to create a safe and secure environment for all of our users so that we can focus more of our efforts on growing our business, expanding our locations, and improving our support.

We thank all of our customers for your understanding and support. Implementing these changes will allow us to provide an even higher level of service and protect you from potential threats.