How does SiteGround protect my website?

As one of the best and most preferred hosting providers on the market, we know how important security is for our customers.

This is why server security is one of our top priorities. Here is just a small part of the measures we have taken to keep our servers and your websites secure.

• By default, we have set all servers to use PHP 8.2 version with the latest security fixes.
• We are running Apache in a chrooted environment with suExec.
• We have sophisticated IDS/IPS systems which block malicious bots and attackers (Intrusion detection/prevention systems).
• We are using a custom-built in-house nginx security module that scans incoming requests and protects our customers from the most common attacks.
• We are providing easy to use and hassle-free auto-updates for WordPress core version and the plugins.
• We strive to keep the versions of all the software that is providing database services (FTP, SMTP, IMAP/POP3, HTTP, HTTPS) up to date with the latest security patches.
• We are constantly monitoring for vulnerabilities in the most popular applications and modules and whenever possible we develop virtual patches in the form of WAF rules (Web application firewall).
• We ensure that users’ data is accessed only by trusted personnel on request by following strict policies and we keep detailed records for such access.

Unfortunately, the above is not always enough. Most web applications require constant attention and updates to remain safe from the latest security vulnerabilities.