Hostinger

At Hostinger, we follow the latest security industry standards and best security practices to protect our servers, ensure information security and comply with all applicable laws and regulations, such as GDPR.

While more technical details are reserved for preserving the integrity of the security systems in place, here are some of the most relevant safeguards applied:

Server and infrastructure security configuration consistently applied across all servers

Advanced security modules that assure the best possible protection, such as mod_security, Suhosin PHP hardening, PHP open_basedir protection, and others.

Anti-malware protection on endpoints and servers.

- 24/7 server monitoring.
- Server and infrastructure security configuration consistently applied across all servers
- Firewall protection.
- Advanced security modules that assure the best possible protection, such as mod_security, Suhosin PHP hardening, PHP open_basedir protection, and others.
- Anti-malware protection on endpoints and servers.

Implemented internal policies and procedures to support information security.

Continuous scan for vulnerabilities and penetration testing.

<a href="https://www.hostinger.com/responsible-disclosure-policy" rel="nofollow noopener noreferrer" target="_blank">Responsible Disclosure Policy and Bug Reward Program</a>.

Applied OWASP secure coding practices and other industry standards.

2FA authentication enabled on all applicable systems.

- A dedicated internal Security team.
- Implemented internal policies and procedures to support information security.
- Continuous scan for vulnerabilities and penetration testing.
- <a href="https://www.hostinger.com/responsible-disclosure-policy" rel="nofollow noopener noreferrer" target="_blank">Responsible Disclosure Policy and Bug Reward Program</a>.
- Applied OWASP secure coding practices and other industry standards.
- 2FA authentication enabled on all applicable systems.

All operating systems are kept up to date, including security patches.

Database encryption with secure hashing algorithms.

Continuous static code analysis to detect potential code security issues.

- All operating systems are kept up to date, including security patches.
- Database encryption with secure hashing algorithms.
- Regular data backups.
- Continuous static code analysis to detect potential code security issues.

Hostinger is ISO/IEC 27001:2017 certified.

As for Health Insurance Portability and Accountability Act, our hosting services are not intended to provide a HIPAA-compliant environment according to our <a href="https://www.hostinger.com/hosting-agreement" rel="nofollow noopener noreferrer" target="_blank">Hosting Agreement</a>.

- Hostinger is ISO/IEC 27001:2017 certified.
- As for Health Insurance Portability and Accountability Act, our hosting services are not intended to provide a HIPAA-compliant environment according to our <a href="https://www.hostinger.com/hosting-agreement" rel="nofollow noopener noreferrer" target="_blank">Hosting Agreement</a>.

To keep your account and websites fully safe, we also recommend you follow some basic security measures, such as: 

Never provide your login and password to anyone. To safely provide access to a collaborator, use our <a href="https://support.hostinger.com/en/articles/1583777-how-to-use-access-manager">Access Manager</a> feature.

Scan regularly all your devices with an up-to-date antivirus.

Keep your CMS and application extensions updated to the latest version.

Download extensions/plugins/modules/themes only from trusted sources.

Always use <a href="https://support.hostinger.com/en/articles/1583257-how-can-i-change-my-hostinger-account-password#h_81fe2279b1">secure and strong passwords</a>.

Enable <a href="https://support.hostinger.com/en/articles/4888385-how-to-link-hostinger-account-to-social-login-google-facebook-github-accounts">social login</a> and <a href="https://support.hostinger.com/en/articles/4888148-how-can-i-set-up-two-factor-authentication-to-my-hostinger-account">two-factor authentication</a> for your hosting account, as well as two-step authentication for your CMS admin dashboard.

- Never provide your login and password to anyone. To safely provide access to a collaborator, use our <a href="https://support.hostinger.com/en/articles/1583777-how-to-use-access-manager">Access Manager</a> feature.
- Scan regularly all your devices with an up-to-date antivirus.
- Keep your CMS and application extensions updated to the latest version.
- Download extensions/plugins/modules/themes only from trusted sources.
- Always use <a href="https://support.hostinger.com/en/articles/1583257-how-can-i-change-my-hostinger-account-password#h_81fe2279b1">secure and strong passwords</a>.
- Enable <a href="https://support.hostinger.com/en/articles/4888385-how-to-link-hostinger-account-to-social-login-google-facebook-github-accounts">social login</a> and <a href="https://support.hostinger.com/en/articles/4888148-how-can-i-set-up-two-factor-authentication-to-my-hostinger-account">two-factor authentication</a> for your hosting account, as well as two-step authentication for your CMS admin dashboard.

To prevent data loss, you can also regularly <a href="https://support.hostinger.com/en/articles/5981435-how-to-download-backups-at-hostinger">download backups</a> of your website files and database to your local device, as well as <a href="https://support.hostinger.com/en/articles/5778153-how-to-export-emails-using-hostinger-webmail">back up your emails</a>.

<a href="https://www.hostinger.com/legal/dpa" rel="nofollow noopener noreferrer" target="_blank">Hostinger data processing addendum (DPA)</a>

<a href="https://support.hostinger.com/en/articles/1583390-what-to-do-if-your-account-or-site-has-been-hacked">What to do if your account or site has been hacked?</a>

- <a href="https://www.hostinger.com/legal/dpa" rel="nofollow noopener noreferrer" target="_blank">Hostinger data processing addendum (DPA)</a>
- <a href="https://support.hostinger.com/en/articles/1583390-what-to-do-if-your-account-or-site-has-been-hacked">What to do if your account or site has been hacked?</a>

What security measures does Hostinger use?

General security measures

Server and infrastructure protection

Procedures and practices

Data integrity

Certifications

Security recommendations