Security-hardened infrastructure setup, 24/7 monitoring, firewall management, and ongoing technical support โ delivered by a Solutions Architect with a SecOps background.
Security isn't an add-on for NXDH โ it's how every server we touch is built from the ground up. The same SecOps discipline we apply to our own infrastructure, applied to yours.
Password authentication disabled. SSH key-only access. Root login blocked. MaxAuthTries limited. Non-root admin user created for all operations.
Deny all inbound by default. Only explicitly required ports are opened. Every rule is documented in version-controlled config. Reviewed regularly for drift.
Automatic IP banning for repeated failed authentication attempts. Protects SSH, web services, and email from brute-force attacks without manual intervention.
Every service (ARK, web server, database) runs as a dedicated non-root user with minimal permissions. A compromised service cannot escalate to root access.
Our monitoring stack gives us real-time visibility into every service โ CPU, RAM, disk, network, and uptime. When something goes wrong, we know within minutes, often before any client reports it.
Uptime Robot or Grafana alert fires on threshold breach or downtime
Discord #server-alerts and email to nxdhadmin โ team notified
SA checks Grafana for root cause โ server-side or service-specific
JSE posts update in community Discord โ no technical details shared
SA resolves โ service restarted, config fixed, or rollback performed
Documented in Confluence within 24 hours โ cause, fix, prevention
A backup you haven't tested isn't a backup. We run three independent layers and test restores monthly.
World saves, MySQL databases, and config files backed up to the VPS itself daily at 3:45 AM AWST โ deliberately before the 4:00 AM daily server restart, so every backup is a clean pre-restart snapshot. Seven-day rolling retention.
Everything from Layer 1 synced to Backblaze B2 cloud storage after each backup run. Off-site โ survives any VPS failure.
Weekly full VPS image snapshot via Contabo. If the entire server is destroyed, we restore from a complete image. The last line of defence.
Not sure if you need IT support? If your business relies on any server, website, or online system โ you do. Here's what we can help with.
We audit and harden your existing server or set one up from scratch. SSH configuration, firewall rules, fail2ban, non-root accounts, and SSL setup. A one-time engagement that pays for itself.
Deploy Grafana + Prometheus + Uptime Robot for your infrastructure. Real-time dashboards, threshold alerts, and Discord/email notifications. Know about problems before your clients do.
UFW rule setup and ongoing management. Cloudflare DNS and WAF configuration. Port documentation. Regular review for rule drift. Version-controlled config in GitHub.
Monthly retainer for ongoing support โ patch management, config changes, incident response, and advice. Direct access to a SecOps professional without hiring a full-time IT person.
All IT Solutions engagements are custom-quoted based on scope.
Get a Free AssessmentTell us about your setup and we'll identify the highest-value security improvements for your business.