At Hostinger, we follow the latest security industry standards and best security practices to protect our servers, ensure information security and comply with all applicable laws and regulations, such as GDPR.
General security measures
While more technical details are reserved for preserving the integrity of the security systems in place, here are some of the most relevant safeguards applied:
Server and infrastructure protection
24/7 server monitoring
Server and infrastructure security configuration consistently applied across all servers
Firewall protection
Advanced security modules that assure the best possible protection, such as mod_security, Suhosin PHP hardening, PHP open_basedir protection, and others
Anti-malware protection on endpoints and servers
Procedures and practices
A dedicated internal Security team
Implemented internal policies and procedures to support information security
Continuous scan for vulnerabilities and penetration testing
Applied OWASP secure coding practices and other industry standards
2FA authentication enabled on all applicable systems
Data integrity
All operating systems are kept up to date, including security patches
Database encryption with secure hashing algorithms
Regular data backups
Continuous static code analysis to detect potential code security issues
Certifications
While Hostinger is not ISO 27001 or SOC certified, we have extensive security practices put in place to ensure information security
As for Health Insurance Portability and Accountability Act, our hosting services are not intended to provide a HIPAA-compliant environment according to our Hosting Agreement.
Security recommendations
To keep your account and websites fully safe, we also recommend you follow some basic security measures, such as:
Never provide your login and password to anyone. To safely provide access to a collaborator, use our Access Manager feature
Scan regularly all your devices with an up-to-date antivirus
Keep your CMS and application extensions updated to the latest version
Download extensions/plugins/modules/themes only from trusted sources
Always use secure and strong passwords
Enable social login and two-factor authentication for your hosting account, as well as two-step authentication for your CMS admin dashboard
To prevent data loss, you can also regularly download backups of your website files and database to your local device, as well as back up your emails.
Additional resources: