At Hostinger, we follow the latest security industry standards and best security practices to protect our servers, ensure information security and comply with all applicable laws and regulations, such as GDPR.
General security measures
While more technical details are reserved for preserving the integrity of the security systems in place, here are some of the most relevant safeguards applied:
Server and infrastructure protection
24/7 server monitoring.
Server and infrastructure security configuration consistently applied across all servers
Firewall protection.
Advanced security modules that assure the best possible protection, such as mod_security, Suhosin PHP hardening, PHP open_basedir protection, and others.
Anti-malware protection on endpoints and servers.
Procedures and practices
A dedicated internal Security team.
Implemented internal policies and procedures to support information security.
Continuous scan for vulnerabilities and penetration testing.
Applied OWASP secure coding practices and other industry standards.
2FA authentication enabled on all applicable systems.
Data integrity
All operating systems are kept up to date, including security patches.
Database encryption with secure hashing algorithms.
Regular data backups.
Continuous static code analysis to detect potential code security issues.
Certifications
Hostinger is ISO/IEC 27001:2017 certified.
As for Health Insurance Portability and Accountability Act, our hosting services are not intended to provide a HIPAA-compliant environment according to our Hosting Agreement.
Security recommendations
To keep your account and websites fully safe, we also recommend you follow some basic security measures, such as:
Never provide your login and password to anyone. To safely provide access to a collaborator, use our Access Manager feature.
Scan regularly all your devices with an up-to-date antivirus.
Keep your CMS and application extensions updated to the latest version.
Download extensions/plugins/modules/themes only from trusted sources.
Always use secure and strong passwords.
Enable social login and two-factor authentication for your hosting account, as well as two-step authentication for your CMS admin dashboard.
To prevent data loss, you can also regularly download backups of your website files and database to your local device, as well as back up your emails.
Additional resources