How are Hatchbox servers hardened for security?

There are several things we do to make sure your servers have good security defaults:

• We disable password authentication for SSH. You can only login with SSH keys.
• UFW (uncomplicated firewall) is installed and configured only to allow the following ports publicly
• • 22 (SSH) on all servers
  • 80 (HTTP), and 443 (HTTPS) on web servers
• In a multi-server cluster, Hatchbox also configures UFW to firewall the internal datacenter network. Traffic is only allowed between your servers.
• Security and other important updates are automatically installed every night.

We recommend updating your server every couple of months to the latest Hatchbox configuration. Select the server in your cluster and click the "Update" button.