Infrastructure

alwaysdata is the owner of all of its infrastructure (servers, bays, equipment) and operates its own network (AS60362). This independence means we have end-to-end control, enabling us to guarantee impeccable quality of service.

The physical hosting of our primary infrastructure is handled by Equinix, the world leader with over 145 datacentres worldwide. Certified by several organizations (SSAE16, ISO, LEED, Uptime Institute), Equinix guarantees an average availability rate above 99.99999%.

Our infrastructure is hosted in datacentres located in Paris, ensuring excellent connectivity in Europe and especially in France.

Our servers are made up of hardware selected by us, coming from the latest generations of reputable manufacturers’ professional ranges (Intel, Western Digital, Supermicro). We offer numerous configuration options enabling each of our customers to have dedicated servers that are truly personalized and adapted.

Software architecture

All our servers run under Linux Debian with x86 CPUs (64 bits).

Isolation

Each customer account is isolated from the others by running in a container, regardless of the type of offer (shared, VPS, dedicated). This offers numerous advantages:

  • greater security: even in a case of a breach in application security (Apache, PHP, etc.), only the account concerned is affected;
  • the resources (CPU, RAM, IO, network) are shared equally and adjusted in real time where necessary;
  • elastic performance: each account can temporarily consume more resources without penalizing the others, for example in the event of a peak traffic situation;
  • increased personalization: each account runs its own HTTP server, which enables any settings to be modified.

Features

Because alwaysdata is designed primarily by developers, numerous advanced features are available. These include:

  • complete SSH access, even in shared;
  • native and generalized IPv6;
  • support of numerous technologies (PHP, Ruby, Python, MySQL, PostgreSQL, MongoDB, CouchDB, RabbitMQ, etc.);
  • advanced settings (Apache configuration, modifiable php.ini, local installation of programs and libraries, etc.);
  • email: support of Sieve scripts;
  • scheduled tasks (crons);
  • VPN (OpenVPN, IPSec);
  • automatic statistics for the websites via Piwik;
  • remote access authorized to databases;
  • REST API.

Reliability

Electricity and air conditioning

Monitoring

Network

Servers

Electricity and air conditioning

  • all our equipment (network hardware, servers) is powered by two totally independent electrical chains;
  • UPS systems and electric generators ensure uninterrupted power supply even in the event of an ERDF power failure lasting several days;
  • the air conditioning in the computer rooms is handled by two independent chains, capable of maintaining a stable temperature regardless of the external conditions;
  • electrical and air conditioning failure simulations are conducted each month to ensure correct operation of all the equipment, including the emergency standby equipment.

Monitoring

  • all our servers are monitored by internal and external probes (located in numerous countries), enabling us to be alerted immediately in the event of an anomaly that has not been automatically corrected by our monitoring tools;
  • our engineers are on call 24/7 and intervene minutes after detection of a failure;
  • technicians are present in our datacentres round the clock to carry out any operations requested by our engineers where appropriate.

Network

  • our connectivity is ensured by 4 fully redundant operators;
  • all our network equipment (switches, routers) operates in pairs, with hardware from 2 separate manufacturers, thereby ensuring service continuity in the event of a hardware or software failure;
  • each server has a dual network connection to the switches, with automatic switch-over in the event of a failure.

Servers

  • each server is powered by two redundant power supplies;
  • all the disks are duplicated in real-time (RAID) and are hot-swappable;
  • spare hardware is kept on the premises to ensure the immediate replacement of any defective part, or even a complete server.

Security

Physical

Server

Network

Backups

Physical

Access to the data centres is secured by:

  • biometric recognition;
  • name badges;
  • security teams

Server

All our servers are:

  • protected by a firewall, with a mechanism that automatically blocks IPs carrying out attacks;
  • immediately updated if an important security breach is discovered.

Network

Our network and all our servers are protected against DDoS attacks by a 4-level defence system:

  • each server is configured and optimized to be capable of resisting average size attacks without any manual intervention;
  • in the event of attacks of a greater volume, anti-DDoS protections are automatically activated through our network suppliers, via 2 separate and redundant implementations;
  • for attacks that are even more complex, our engineers can define personalized blocking rules, coordinating, where necessary, with our network suppliers;
  • in the hypothetical case of an extremely massive attack (several hundreds of GB/s), a DNS re-routing strategy to a third party provider can be set up, with regular simulations carried out.

Backups

We carry out backups of all the data of our customers:

  • daily;
  • kept for 30 days;
  • directly accessible by our customers in read-only;
  • stored in external data centres, located at least several kilometres away, and managed by a separate operator.