1. What security measures are used to protect my server space?
We are protected from hackers and DDoS attacks (UDP flood).
We have extensive custom firewall rules and large mod_security rulesets protecting our servers. If we do experience heavy flooding, we have our datacenter enable network-level flood protection. Our datacenters are all highly secure facilities with restricted access.
Our other security methods and precautions are confidential for security reasons, of course.
2. Are Your Servers PCI Compliant?
Payment Card Industry Data Security Standard (PCI DSS) Compliance
Our shared servers at Griotsites.com have been updated for PCI compliance.
If you experience any issues, request a scanning vendor to email you a report and then provide it in a support ticket to our Support department so that any issues that conflict with compliance can be corrected.
When you accept credit cards online through a merchant account, some of the details of PCI compliance are handled by your web host (Griotsites.com), some are handled by your merchant account provider (payment processor), and some aspects are handled by you (the merchant).
Sometimes PCI scanning companies will flag something as being an issue even though there is no actual vulnerability.
For our Windows shared plans, the PCI scanner must be informed that SFTP/SSH is not available on that server so that the scanner can rule the flag for FTP as an exception.
If you experience any issues, request a scanning vendor to email you a report and then submit a ticket to our Support department with the report so we can resolve the issues that conflict with compliance.
3. Are you Safe Harbor Certified?
Yes! GriotSites.com is safe harbor certified.
4. What is Safe Harbor?
The European Commission's Directive on Data Protection went into effect in October of 1998, and would prohibit the transfer of personal data to non-European Union nations that do not meet the European "adequacy" standard for privacy protection. While the United States and the European Union share the goal of enhancing privacy protection for their citizens, the United States takes a different approach to privacy from that taken by the European Union.
In order to bridge these different privacy approaches and provide a streamlined means for U.S. organizations to comply with the Directive, the U.S. Department of Commerce in consultation with the European Commission developed a "Safe Harbor" framework and this website to provide the information an organization should need to evaluate - and then join - the Safe Harbor.
Similarly, the U.S. Department of Commerce in consultation with the Federal Data Protection and Information Commission of Switzerland developed a "Safe Harbor" framework to bridge the different privacy approaches between the two countries and provide a streamlined means for U.S. organizations to comply with the Swiss data protection law.
5. What happens to someone abusing system resources?
The offending site will be suspended and the owner will be given an opportunity to fix the problem or move to a Dedicated server.
It is possible that sometimes we suspend a problem directory, but not an entire account. All issues are taken on a case by case basis.
6. How will I know if I use too many resources?
There is no way for us to predict how much server resources your site will use. If your site is causing the problems, your account will be temporarily suspended and we will notify you immediately via email.
7. Where Can I Report Abuse and/or Spamming?
Abuse, Spamming, Phishing and Hacking
To report any abusive site or abusive activity, please submit a ticket to our Security team and they will investigate the site or activity accordingly. Please note that we may not be able to provide you with specific updates regarding your report due to privacy reasons.
8. Copyright Infringement
Reporting copyright infringement? In order for us to address any DMCA complaint, you MUST follow the procedure detailed at:
9. My Site Was Hacked!
If your site was hacked, immediately submit a ticket to our Security department and our experts will investigate and remove this hack correctly.
10. My Account was Hacked!
If you are the victim of a hacker, immediately submit a ticket to our Security department and our experts will investigate and remove this hack correctly.
GriotSites.com offers one complimentary account scanning/cleaning per six month period when you open a Security ticket.
If this service is required more than once within a six month period, there will be a premium involved. Alternatively, you may use a third party cleaning service such as SiteLock.
In the meantime, it is vital that you avoid logging in or making any changes to the files/folders on the account so the necessary time stamps stay in place and the investigation proceeds as smoothly as possible. Our Security team will notify you via email once the investigation has been completed.
Note: Only Security Administrators can help you with abuse issues and hackers. Please submit or reply to the Security email for updates.
11. Hacked Account: What to Look For
In all cases, we recommend some sort of professional service; however, if this option is not available to you, you may wish to consider removing files or directories which have been recently added and which you do not recognize as part of your site. Things to look for include:
Strangely named files or directories (e.g., xf8c3l.php or /home/username/public_html/wellsfargo)
PHP files located in image folders
Base64 or other encoded injections inside of site files, which can be removed using file editors
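
A read-only way to check a web root for the indicators listed above, as an added example (not GriotSites.com's own tooling). It reports recently modified files, PHP files inside image-type folders, and PHP files containing encoded-injection patterns; the folder names in IMAGE_DIRS, the 7-day window and the sample tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile
import time
from pathlib import Path

# Assumed names for image/upload folders; adjust to the site's layout.
IMAGE_DIRS = {"images", "img", "uploads", "media"}
PHP_EXTS = {".php", ".phtml", ".php5"}
# eval() wrapped around a decoder, or a long unbroken base64-looking run.
INJECTION = re.compile(
    rb"eval\s*\(\s*(?:base64_decode|gzinflate|str_rot13)\s*\("
    rb"|[A-Za-z0-9+/]{200,}={0,2}")

def scan_webroot(root, days=7, now=None):
    """Return sorted (relative_path, reason) pairs; files are only read."""
    now = time.time() if now is None else now
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file():
            continue
        rel = path.relative_to(root)
        is_php = path.suffix.lower() in PHP_EXTS
        if now - path.stat().st_mtime < days * 86400:
            findings.append((rel.as_posix(), "recently modified"))
        if is_php and IMAGE_DIRS & {p.lower() for p in rel.parts[:-1]}:
            findings.append((rel.as_posix(), "PHP file in image folder"))
        if is_php and INJECTION.search(path.read_bytes()):
            findings.append((rel.as_posix(), "encoded injection pattern"))
    return sorted(findings)

def build_sample(root):
    """Constructed sample tree: one old legitimate file, two suspicious ones."""
    root = Path(root)
    (root / "images").mkdir()
    old = time.time() - 90 * 86400  # pretend these files are 90 days old
    (root / "index.php").write_text("<?php echo 'home'; ?>")
    os.utime(root / "index.php", (old, old))
    (root / "images" / "logo.php").write_text("<?php echo 'x'; ?>")
    os.utime(root / "images" / "logo.php", (old, old))
    # Harmless constructed content: the base64 string decodes to "echo 1;".
    (root / "xf8c3l.php").write_text('<?php eval(base64_decode("ZWNobyAxOw==")); ?>')

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for rel, reason in scan_webroot(tmp):
            print(f"{reason:28} {rel}")
```

The scan never writes to or deletes files, so file contents and modification times are left as they were for the investigation.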