1000 FAQs, 500 tutorials and explanatory videos. Here, there are only solutions!
Preventing your site from being hacked
This guide explains how to prevent computer attacks and how to avoid hacking the website you manage.
The role of the host
Our job is to provide quality hosting so it is in our interest to respond extremely quickly to the various and varied attacks that any Internet actor may be subject to. We do everything we can to take maximum precautions against hacking / pirating.
In the case of a proven hack, if it is possible to go back to the author and the machine has been compromised due to a security defect within our jurisdiction, that the integrity of the servers is in question , we take matters into our own hands. We obviously take care of updating the versions (PHP, MySQL, etc.) very regularly.
The role of the site owner and the webmaster
If the hacking of your site is your responsibility (a script that is not up to date, a security patch that has not been applied, etc.) we warn you and urge you to do what is necessary in soon as possible. Indeed, we cannot counter exploits related to a bug in your PHP code or other. In some cases, however, we do not detect piracy and you will notice the intrusion by suspicious elements in your pages or by the receipt of many error emails, for example.
- regularly update all your web applications (WordPress, Joomla, Drupal, ownCloud, etc.)
- keep the PHP version of your site up to date on our Infomaniak servers
- keep your site up to date by migrating to our new offers when offered to you
- add a protection system to your contact forms (captcha, etc.) and to any "recommendation to friends" tools (tell-a-friend...)
- regularly run an antivirus scan of the hosting
- monitor Patchman Security Scanner
- remove anything that you didn't develop yourself and whose author hasn't updated/corrected for several months
- make a regular backup of your site (read this if you're using WordPress) when everything is fine and keep it somewhere safe (because our automatic backups are only kept for a few days and sometimes it's not far enough to go back after you notice an intrusion)
If a problem has arisen...
- modify the passwords of your Web applications , your FTP accounts and your databases by first checking that no virus is on your computer
- restore a backup but update immediately which can be updated as soon as the restore is complete