Every Alterascape plan ships with a complete web hosting security stack — Imunify360 AI malware scanning, Web Application Firewall, CloudLinux account isolation, daily off-site backups, and unlimited free SSL certificates. No security tiers, no upsells, no exceptions.
Security shouldn't be a checkbox you pay extra for. Every Alterascape plan ships with the full stack — from kernel-level hardening to automatic SSL renewal.
Machine-learning malware detection scans every file on your account in real time. Threats are neutralised automatically — no manual intervention needed.
Imunify360's WAF blocks SQL injection, XSS, CSRF, remote file inclusion, and CMS-specific exploits before they reach your application code.
Your filesystem, PHP processes, and resources run in a fully isolated environment. A breach on another account can never reach yours.
Nightly full-account backups stored on separate infrastructure. 30-day retention. One-click restore from Plesk — no ticket required.
Every domain gets a free Let's Encrypt SSL certificate. Auto-provisioned, auto-renewed, and reflected instantly in Plesk. No limits, no fees.
Failed login attempts are monitored server-wide. Attackers are rate-limited and blocked automatically before they can reach your credentials.
Imunify360 is the industry standard for server-level security — used by tens of thousands of hosting providers worldwide. On Alterascape, it's not an optional upgrade. It's running on every account, every moment.
Every file upload and modification is scanned instantly using Imunify360's ML model — trained on millions of real-world malware samples.
Continuously updated WAF rules block known attack signatures for WordPress, Drupal, Joomla, and custom applications at the network edge.
Intelligent rate-limiting and IP reputation scoring stops credential-stuffing and brute-force attacks before they consume server resources.
CloudLinux OS patches the kernel with additional exploit mitigations and restricts process privileges far beyond a standard Linux install.
Standard shared hosting puts every customer in the same environment. Alterascape uses CloudLinux to enforce hard isolation between every account — filesystem, processes, and network.
Your files are not accessible by any other account on the server — ever. Symlink attacks are blocked at the kernel level.
PHP and application processes run under your account's UID only. No shared process space, no privilege escalation risk.
If another customer's site is compromised, the isolation layer prevents lateral movement to your data or processes entirely.
Security isn't only about blocking attacks — it's about recovering cleanly when something goes wrong, and encrypting everything in transit.
Your entire account is backed up every night to off-site storage on physically separate infrastructure. Not on the same server — on completely separate hardware in a separate facility.
30 days of rolling backups means you can recover from a mistake made weeks ago. Restore individual files, directories, databases, or an entire account — directly from Plesk, no ticket needed.
Backup data is encrypted in transit between your account and off-site storage. Your data never travels over an unencrypted channel — backup or otherwise.
Every domain on your account gets a free SSL certificate via Let's Encrypt. There's no limit on the number of certificates and no renewal fees — ever.
SSL certificates are renewed automatically before they expire. You'll never receive a browser security warning because of a forgotten renewal. It just works.
Our servers are configured to modern TLS standards — TLS 1.2 and 1.3, strong cipher suites, HSTS, and OCSP stapling — achieving an A+ rating on SSL Labs out of the box.
Every product tier comes with the full security stack — no plan leaves without Imunify360, isolation, backups, and SSL.
Launch on a platform where every plan ships with the full security stack. No upsells. No add-ons. Just protected hosting from day one.