Includes free SSL certificate, unlimited bandwidth & fully optimised for WordPress.
Fully PCI-DSS compliant hosting, backups every 6 hours & free DDoS protection.
Unlimited bandwidth, WHM & cPanel control panel & fully white label.
Great value domain names available.
Create a professional looking website in minutes. Over 190 templates.
Speed up the delivery of your site.
Beautifully Simple. Massively Configurable. Scales from 1 VPS cloud, all the way up to a load balanced cluster.
Fully managed, high-spec dedicated servers deployed on our gigabit network, backed by our superior 24/7 UK support.
Instantly talk to one of our support team, we're here to help.
For our clients only. Open a ticket you can track and reply to.
Monday–Friday 9am – 8pm we're ready to assist you.
We pride ourselves on offering a hosting support service like no other; polite, knowledgeable & fast.
You may receive an email where the subject line begins : Krystal Hosting <> Security Notice [username] on [server name]
Krystal servers scan all files that are uploaded in real time, but also server-wide scans are conducted on a regular basis. If we detect a large scale malware attack in your account then your account may be automatically suspended.
Why do we suspend your account?
People often ask us why we suspend accounts before contacting our customer. We don't do it to annoy you - but because:
We try to explain it like this - if you owned a shop, and there had been robbers and bandits in there, you would not want to risk your reputation (and a law suit) by allowing the public back in until you were sure things were safe!
How to read the reports
The Security Notice email will normally include a list of affected files at the bottom, or as an attachment if the list is very large. Each line of the report will detail a problem or suspect file in this order
Alert Level, Month, Date, Time, Server, [ Filename ], Description
Warning - Jan 28 05:00:07 artemis ['/home/binky/public_html/shop/code.php'] - (decoded file [depth: 1]) Regular expression match = [decode regex: 1]
Critical - Jan 28 07:04:20 artemis ['/home/binky/public_html/tmp/images/jdhu.php'] - Suspicious Image File [PHP Script]
Legacy Script - Jan 28 23:07:59 artemis ['/home/binky/public_html/smf/index.php'] - Script version check [OLD] [SMF v1.1.18 < v2.0.5]
The above three examples show the THREE types of match you may be notified of.
Legacy Script : Our software checks a broad range of popular web applications to see if the installed version is the latest available. It is reasonably accurate and provides a useful reminder to update the software your website uses to reduce the risk of it being exploited. The files listed are NOT MALWARE - they are just scripts that you should consider updating. If you did not design your website, or are unsure whether you should update your files or not then you should seek assistance from an experienced web developer. Remember, before updating anything, always download a full backup of your website files and databases in case something goes wrong during the update.
If you do not wish to receive Security Notice emails solely because of Legacy Script warnings, then place an empty file called nolegacy.scan in the root (top level) of your home directory.
Warning : These are issues we have found that are worth investigating, but are often false positives. Our system is not confident enough to suspend your account, but a code fragment or technique has been found that is commonly used in malware - You should ALWAYS check these files out to make sure they are OK.
Critial : These are files that are almost certainly infected or entirely malicious, and positively match a known Virus or Malware fingerprint exactly. We take immediate action based on the following rules:
See https://krystal.co.uk/client/knowledgebase/80/What-file-and-directory-permissions-should-I-use-for-my-web-files.html for more information.
What should I do?
If you are a web developer, then you can use the list of affected files provided to go and check the files in your home directory against known good sources. False positives rarely occur, but they do happen. If your account is suspended, you can login to your client area and use our Malware Manager tool to unsuspend your account. Should you require further assistance however, feel free to contact us. This also gives one of our agents the chance to have a quick look at the nature of the problem and offer some advice if appropriate.
If you do not understand the security report, do not understand the scripting language your site is based on, or you had someone else develop your website for you, then we strongly recommend you seek their assistance in dealing with this issue. We will be happy to work with whoever you authorise to deal with the issue to get you up and running as soon as possible.