We built InfraResolve under the absolute assumption that AI should never possess unmonitored write-access to core infrastructure. Our security architecture is stateless, heavily containerized, and strictly isolated.
Our agent never asks for root SSH passwords. All interactions occur via scoped, read/write restricted API tokens targeting cPanel, Plesk, or Cloudflare. You maintain absolute control over what specific file paths the agent is permitted to touch.
We never persistently store your clients' server credentials or configuration files. When a webhook arrives, the required credentials are temporarily pulled from an encrypted keystore (AWS Secrets Manager) to process the action, and are immediately flushed from worker memory upon ticket resolution.
Every API command, server file change, and decision path made by the agent is compiled into an immutable JSON timeline. This payload is cryptographically hashed (SHA-256) and posted directly to your WHMCS internal staff logs. You will always know exactly what our agent executed, when it did it, and why.
All execution routines run inside private virtual cloud subnets. Egress firewall security groups are locked down to isolate our execution nodes, allowing them to communicate strictly with known API gateway ports of authorized servers (e.g., 2083 for cPanel, 8443 for Plesk).