Secure Web Sites

  • Secure File Access — SSH, SFTP, SCP, Secure Web-based File Manager
  • Optional SSL/TLS
  • Optional VPN access
  • Anti-virus scanning
  • Software & hardware firewalls

Simple & Reliable

  • Dedicated Linux servers for reliability
  • Linux, Apache, MySQL/MariaDB, Perl, PHP
  • Upload CMS software like WordPress
  • Test your site via a temporary domain before going live

Dedicated*

  • Dedicated Linux servers for security
  • PCI & HIPAA Compliance
  • Unlimited web sites and databases
  • Customize firewalls, PHP settings, etc.
  • Dedicated IP address
  • Optional clusters, load balancing, etc.

*LuxSci does not offer web hosting on shared web servers for security and privacy reasons.

Dedicated, managed Linux Web hosting

Unfortunately, unsecured web servers are intriguing and accessible to determined hackers. So when it comes to managing the large amounts of traffic your site receives, you must make security a top priority. LuxSci's dedicated web site hosting ensures the protection of your online presence with maximized security and capacity. A dedicated server provides space and resources just for you, as opposed to the watering hole of a traditional shared server.

In addition to increased privacy, dedicated web site hosting also offers increased security. For instance, if another user's server is attacked or hacked, you're much less likely to experience collateral damage. Increased reliability arises from the fact that you don't have to share memory, CPU, network, disk space, or other resources. And, dedicated servers are best for accounts that need hundreds or thousands of users or gigabytes of storage. Does this sound like the type of infrastructure that's right for your business?

HIPAA-compliant databases

Does the nature of your business call for HIPAA compliance? LuxSci's dedicated Web hosting servers provide a HIPAA-compliant web infrastructure where you can host HIPAA websites. The isolated nature of the dedicated server provides flexibility and enhanced security against hackers. You can use SSL to ensure a secure connection between your website and its visitors. We also offer auditing reports for your web sites and your access to our system. With highly secure firewalls and our Intrusion Protection System, you can rest assured that if there is an issue on your server, we will be alerted.

LuxSci's dedicated HIPAA compliant Web hosting services provide you with your own protected island on the web. You have the ability to host and share information on a secure and isolated platform. Be sure to check out our dedicated server package and to look into our helpful HIPAA compliant information to make sure you're always protected.

Perhaps you were wondering...?

Yes. LuxSci provides the infrastructure and the HIPAA Business Associate Agreement and you provide the web site itself. You are responsible for the compliance and security of your site itself, i.e., that data is stored in proper places, that authentication is required for access, that you log access, etc. For more information, see: HIPAA Web Sites

No. LuxSci only provides managed Linux-based dedicated servers for Web hosting.

Yes. It is common for customers to run WordPress on LuxSci servers.

No. As WordPress sites can be quite complex, LuxSci does not currently provide a migration service. We will install a fresh version of WordPress for you. We would suggest that you have your web designer (i.e. the one in charge of designing and maintaining your current WordPress site) assist you in any migrations.

Yes, LuxSci will provide non-root SSH access to your server. This is granted only upon request, for security reasons. You can make this request via a Support Ticket.

LuxSci Web hosting is a managed service. For security reasons, we do not grant root or sudo access to customers.

While you cannot edit this file directly, LuxSci support can make modifications to it upon request. These modifications are first vetted to ensure that they do not hurt your server's security level.

LuxSci provides custom Web site and database management tools (not cPanel) for this purpose. LuxSci also provides a server management tool where you can edit your iptables firewall and view current and historical reports on CPU, RAM, and disk usage.

Enterprise-class servers have their data stored on a private SAN where all disk partitions are always encrypted. Business-class servers cannot have their main operating system disk encrypted; however, if you purchase additional disks and request it, these additional disks can be encrypted and all of your data can be stored on them. See: Enterprise vs Business Class.

Yes. See Standard Backups. We can also set up custom backup and retention schedules for you.

Yes. You would submit your cron job to support for review and they would configure it for you on your server.

Got it all figured out?

New accounts ready in 1 hour*

Account term is month-to-month

Free 30-minute training call included

Welcome to LuxSci!

*for non-dedicated-server orders placed between 9am and 10pm Eastern Time, USA. Provisioning can be delayed due to issues validating orders.

Web Hosting Features

Feature
Unlimited Web Sites

LuxSci allows you to have any number of web sites and domains associated with your account.

Unlimited Databases
2000 GB/month of bandwidth included
This is more bandwidth than you will likely ever need. Contact sales if you need more.
MySQL/MariaDB v5.5 Databases: includes database management tools.
  • Unlimited MariaDB databases included with all dedicated Web hosting accounts
  • Remote SSL access to your databases over VPN
  • Web-based SQL command execution and querying tools (with saved commands, download of results in CSV, etc.)
  • Web-based tools for import and export of "mysqldumps" (i.e. batch SQL statement scripts).
SecureForm: Secure web site form to secure email feature (add on option)
Test Before Going Live
Use our "temporary domain name" feature to view and test your web site before making it live or before switching from your old provider.
Scripting Languages: Perl, PHP v5.6, Python
Supports Standard CMS: You can install standard software like WordPress, Joomla, phpMyAdmin, MediaWiki, and almost any software that runs on PHP, MySQL, and Perl.
SCP and SFTP Access
  • Accounts can be configured so that FTP access is disabled, but SFTP is allowed.
FTP Access: Access your files 24/7 using FTP
This may be disallowed in high security accounts. Such accounts need to use SFTP, instead.
Web-based File Manager: Secure, web-based alternative to FTP.
  • Users can: view file lists, create directories, upload, download, delete, rename, change permissions, change ownership of files and directories
  • Permits automatic uncompressing of zip and other archives "on upload".
  • Permits account administrators to access user file spaces for file upload/download and management, without needing to know their passwords.
  • Bulk file uploads and downloads, drag and drop uploads and downloads.
WebDAV: Access-controlled shared files and calendars on your web site.
Password-Protected Directories - Easy management user interface
Easy-to-use interface for password protecting web site directories. Create users and user groups; assign read-only and/or read-write access to any directory. No need to manage .htaccess or .htpasswd files manually.
Web Site Access Reports
"Webalizer" reports for your web sites, updated daily.
Access to raw web site access and error logs
Secure web sites over SSL/TLS
Anti-Virus Scanning (shared and Px2+ servers)

Anti-virus scanning is provided on shared Web hosting accounts and on dedicated servers sized as Px2 or larger. The micro-sized Px1 budget servers do not include AV scanning.

Full AV Scanning is performed daily. For dedicated customers, AV scanning can be scheduled to run at any frequency that you require.

Found viruses and malware are immediately quarantined.

HSTS (HTTP Strict Transport Security)
HSTS can be enabled for your secure site by simply enabling a checkbox.
Separate directories for secure and insecure site content
Apache 2 servers
Apache mod_rewrite
Server-side includes
SuEXEC for the security of CGI scripts (i.e. CGI scripts can run as you instead of as the web server user).
Custom Error Documents
Full .htaccess support
CGI scripts in any directory
Real cgi-bin directory
Mirror websites across multiple domain names
Configurable web site redirection
Configure PHP settings, e.g. memory limits

HIPAA-compliant Web Sites

LuxSci dedicated Web hosting services, in conjunction with a HIPAA-compliant account, provide a HIPAA-compliant infrastructure where you can host HIPAA-compliant web sites.

HIPAA-compliant web hosting provides:

  1. Dedicated - dedicated virtual private servers for enhanced security and flexibility.
  2. Forced Secure Connections - Your connections to FTP and MySQL (to manage your data) are forced to always be secure.
  3. Optional Web Site SSL - SSL for your web site so that, if you are transmitting ePHI, you can do that securely.
  4. MySQL - Storage of ePHI on our hosted MySQL databases is permitted and compliant.
  5. Reporting - Access and auditing reports of your access to our system and management of your web sites are available. Raw web site logs are also available for your analysis.
  6. Firewalls - Redundant hardware and software firewalls
  7. Intrusion Protection - Our Intrusion Protection system alerts LuxSci staff to any issue on your server.
  8. HIPAA Infrastructure Requirements - LuxSci takes care of the HIPAA infrastructure requirements regarding media disposal, backups, restores, and related things for you.

Your Role in HIPAA Compliance

However, as with any HIPAA Web hosting solution where you have the ability to design your web site and upload your own scripts and programs, LuxSci provides a compliant environment and you are responsible for ensuring that the web site itself is designed and implemented in a secure and compliant fashion. E.g. this includes things like use of SSL when appropriate, access auditing and unique identity verification, proper encryption of at-rest PHI, etc. For further information on this, please read:

HIPAA Web Sites

If you require HIPAA compliance because ePHI may be transmitted through or stored in your web site, then you can get HIPAA Web Hosting as follows:

  1. Order LuxSci SecureForm service with HIPAA Compliance. Use this order link to get started.
  2. Compliance Lock Down — LuxSci automatically locks down your new account with all of the security restrictions required for a HIPAA compliant infrastructure
  3. Business Associate — LuxSci co-signs its HIPAA Business Associate Agreement with you, as required by HIPAA Omnibus.

That's it — at this point you will set up your web site on our servers and ensure that you do this in a proper manner for compliance.

SSL/TLS Certificates

Using a TLS certificate, you can create a secure connection between your website and its visitors. This allows you to:

  1. Securely collect information from the visitors to your site.
  2. Display secure/sensitive information to them.
  3. Enable your visitors to verify what site they are connecting to.

TLS Certificates are needed if you:

  • Want your own secure Web site for Web hosting
  • Want Private Labeling using your own secure domain
  • Want secure email services (i.e. POP, IMAP, SMTP) on your dedicated email server via your own secure domain name

Learn more about TLS in general:

As no one uses "SSL v2" or "SSL v3" anymore, certificates for securing Internet traffic are all for the "TLS" protocol and so are properly called "TLS certificates," though the term "SSL" is often used colloquially to refer to the same general concept.

TLS Certificates at LuxSci

If you wish to use LuxSci services that require you to have a TLS Certificate, you have two options:

  • Have LuxSci buy the certificate for you
  • You purchase the certificate yourself

LuxSci buys the certificate for you

For the quickest and easiest setup and renewal, LuxSci recommends having us purchase your TLS certificate for you:

  • We will purchase a certificate* from our partner Comodo
  • We will take care of gathering all needed information from you and coordinate with Comodo
  • We will make sure that the certificate does not expire on you from year-to-year by tracking the certificate and coordinating renewals with you.
  • Your certificate will:
    • Use 2048-bit keys
    • Support 128-bit and 256-bit encryption
    • Have the highest degree of browser compatibility available
    • Be very well trusted by your end users as it will be issued by Comodo
  • We will bill you for the certificate -- so you pay us for your certificate as part of your normal LuxSci invoice.

All you will have to do is (a) provide us with a little contact information, and (b) respond to a TLS-certificate confirmation email message from Comodo. We will take care of everything else for you.

(*) LuxSci can provide other kinds of TLS certificates as well, such as "wild card" certificates and Extended Validation (EV) certificates (the ones that make your browser address area green).

See also: Understanding the TLS Certificate Purchase Process.

Bringing your own certificate

If you would like to purchase your own certificate (or generate your own self-signed one):

  • LuxSci will ask you some questions and generate a certificate signing request (CSR) for you
  • You will order your certificate from a third party yourself.
  • You will provide us with the resulting signed certificate file and all "intermediate" certificates that may be needed.
  • You are responsible for ensuring that your certificate does not expire from year to year. You must take the initiative to renew your certificate and get us new signed certificates as needed well before your certificate expires.

How Many Certificates Do I Need?

You may need multiple TLS certificates, depending on the number of separate domain names that you wish to secure.

Web Site Hosting

You will need one TLS certificate for each secure web site that you wish to have hosted. This certificate will be for either "domain.com," "www.domain.com," or some subdomain like "secure.domain.com" — your choice.

Private Labeling of WebMail

If you have Private Labeled WebMail and wish to brand the domain name shown in the browser for TLS connections, then you will need a TLS certificate for that "secure private labeled domain name".

Note that you can use the SAME "secure private labeled domain name" for:

I.e., there is no need to get separate domains and certificates for all of these services. You can use insecure "vanity domain names" for access. For example:

  • Use https://secure.domain.com for TLS branding for all Private Labeled services.
  • Use http://webmail.domain.com for quick branded access to WebMail logins (this will redirect to your login page URL at the https://secure.domain.com domain).
  • Use http://securesend.domain.com for quick branded access to SecureSend logins (this will redirect to your SecureSend login page URL at the https://secure.domain.com domain).
  • Branding of SecureForm can be enabled and then will be automatic with https://secure.domain.com
  • Branding of SecureLine Escrow is also automatic with https://secure.domain.com

However, if you are using one domain for your web site, you cannot also use that same domain for Private Labeling. People generally use a subdomain for Private Labeling; i.e., secure.domain.com.

Private Labeling of Email

If you have Private Labeling and a dedicated email server and wish to have your users use your secure domain for access to secure POP, IMAP, and/or SMTP services, then you will need to pick another domain name, such as "secure-mail.domain.com," for this and obtain another TLS certificate for it.

Note: Private labeling of TLS connections to email services is not available to customers using shared email hosting servers.

Dedicated Server Customers

Dedicated server customers may have their email and web hosting services on the same server. They can use the same domain name that they are using for secure Web site hosting for secure Private Labeled email access (there is no need for separate domain names in this case).

eBook — HIPAA-compliant Website Basics

What healthcare organizations need to know about HIPAA-compliant web sites

Book 2 in the LuxSci Internet Security Series.

Created by Erik Kangas, PhD
