We take the security of our infrastructure seriously.

Some things we do

  • We attempt a secure-by-default configuration on all of our services. This means internally we enforce 2FA, strong passwords, SSH keys and firewall off any admin access pages.
  • We utilize full-disk encryption on dedicated servers that store any potentially sensitive user data.
  • We enforce modern TLS cipher suites on our hostnames and enable DNSSEC on all of our domains.
  • We verify our identities on

Our PGP keys