The operating system is the newest edition of Windows server. Since it is the newest, this OS is much more secure than Windows Server 2008 (which is what all of the other hosting services use). The datacenter edition is packed with a bonanza of features, as opposed to the standard edition.
You seem to be following the old "newer = better". Not saying that WS2012 is secure/not secure, but they tend to be more vulnerable the more young they are, since the exploits for the system haven't been discovered yet. This is usually where Microsoft releases a influx of knowledge base patches.
1: File names: This process checks if there are extra executable files in the server's directory. If there are extra .exe or .dll files, the user is identified as a hacker.
2: File sizes: This process checks the file sizes of all executable files against the values which genuine versions of the files would have. If there is a difference in the file sizes of any of them, the user is a hacker.
3: SHA-256 hash: It is relatively easy for a malicious user to get past the 2 methods above, but this step is far more secure. A SHA-256 hash is a string of characters which is uniquely generated according to the contents of a file. The HamHost control panel server generates a 256-bit hash of all executable files in the Blockland server's directory before launching the Blockland server. If the generated hashes don't match with those of a genuine Blockland installation, the user is a hacker.
It is extremely difficult, if not impossible, for a malicious executable file to match both the file size and the 256-bit hash. Furthermore, the system salts the hashes by adding a random number to them. This way, it makes it harder for a hacker to know exactly what hash the control panel server considers genuine.
HamHost's Blockland server security makes sure that other users cannot delete, steal, copy, modify, or corrupt any of the files in your Blockland server's folder.
Quite honestly; this is the most ridiculous "advanced" security system that happens to be very inefficient.
All you are doing is checking file integrity and not paying attention to stuff like a better authentication system (with this type of system, you can go further than just passwords) and encrypted traffic for the more critical parts of the server. If someone manages to get into your client's server, there is nothing stopping them from messing around with the running server. They don't even need to modify files to do this.
Also I don't understand why you use checksum algorithms for binaries and dynamic link libraries but not for other files. If they aren't checked for file integrity, one can easily change the contents of the file completely while still leaving the file size the same and the file name intact.
I should also throw in that your server does not check for brute force/dictionary attacks. I tested your server against around 20 incorrect guesses with random strings on a random user that I will not mention in a short period of time (guesstimated around 10 seconds, more or less). It still responded after 5, which is usually the threshold for password cracking detection (which is why turing tests like CAPTCHA exist). This is probably the most important part of your client's server security and yet you've made it the most vulnerable part of your "advanced security system".
If you really do "value" your customer's security: I advise you to build a better system and research on many different security methods so your server hosting won't equally vulnrable and inefficient than a lone infant. You put your customer's servers at great risk.
Poll