1000 FAQs, 500 tutorials and explanatory videos. Here, there are only solutions!
Web hosting: preventing website hacking
Our job consists in providing a quality hosting service, so we have a vested interest in responding extremely quickly to the various attacks that any internet user is open to. We do everything in our power to take as many precautions as possible against hacking.
In the event of a hacking attack, if it is possible to trace the author and if the computer has been compromised as a result of a security flaw on our part, if the integrity of the servers is in question, we take matters into our own hands. We obviously take care of updating the versions (PHP, MySQL, etc.) very regularly.
If the hacking of your site is your responsibility (a script which has not been updated, a security patch which has not been applied, etc), we warn you and request you to undertake the necessary steps as quickly as possible. Indeed, we cannot counter the effects of a bug in your PHP code or any other. Nevertheless, in certain cases, we do not detect the hacking and you will observe the intrusion via suspicious elements on your pages or by the reception of numerous error emails, for example.
If you did not create your site yourself or if you do not understand the following information, we recommend you contact your Webmaster or one of our partners.
- Regularly update all your Web applications (WordPress, Joomla, Drupal, ownCloud, etc.)
- Add a protection system to your contact forms (Captcha, etc.)
- Regularly run an antivirus analysis of your hosting (help)
- Keep an eye on Patchman (help)
- Remove everything you have not developed yourself and for which the author has not provided an update / correction for several months
- Execute a regular backup of your site when everything is running well and keep it in a safe place. We keep our automatic backups for 7 days and that period may not be long enough for you to go back to after observing an intrusion: read https://faq.infomaniak.com/2217 and http://faq.infomaniak.com/2089 if you use WordPress
If your site is hacked...
- Change the passwords for your web applications, FTP accounts and databases (help) while first checking there is no virus on your computer (help)
- Restore a backup (help) but immediately update everything that can be updated as soon as restoration is complete
Additional recommendations: https://faq.infomaniak.com/1137