Bluehost: Server Protection & Security Measures

At Bluehost, we take the security of our servers seriously to help keep your account safe from threats. While we provide comprehensive server defense, it's important to understand that some risks—like weak passwords or outdated software on your website—can’t be fully guarded against just by server protections.

Knowing the common ways websites get compromised and taking steps to prevent those attacks is key to keeping your site secure. It’s also vital to be prepared to act quickly if you discover any security issues.

• What Does Bluehost Do to Protect Your Site?
• What Are Your Responsibilities?
• How Can You Boost Your Security?
• Need Help? Resources and Support
• Summary

What Does Bluehost Do to Protect Your Site?

Bluehost defends our servers with multiple security layers designed to stop attacks such as Distributed Denial of Service (DDoS) floods and unauthorized access attempts. Our firewalls, mod_security tools, and network flood protections operate around the clock inside highly secure data centers with limited physical access.

Additionally, we use other advanced security methods behind the scenes to keep things secure.

What Are Your Responsibilities?

As the owner of your website, your role is just as important. Here’s what you’ll need to manage:

• Use strong, unique passwords and update them regularly.
• Keep your account settings secure.
• Make sure all your software, plugins, and CMS installations are up to date.
• Regularly scan for malware and remove any infections.
• Set proper file and directory permissions—on Linux hosting, directories should be set at 755 and files at 644.
• Ensure any scripts you use are secure, no matter how they were installed.

We monitor for weak passwords and will notify you to update if yours doesn’t meet security standards. Continued use of weak passwords could lead to account suspension until a stronger one is set. To create a strong password, use a mix of uppercase and lowercase letters, numbers, special characters, and avoid common words or personal info.

Neglecting these responsibilities or failing to clean up compromised accounts might lead to account termination as outlined in our Terms of Service.

How Can You Boost Your Security?

Here are some practical tips recommended by Bluehost:

Keep Passwords Strong and Fresh

Avoid password reuse and create complex passwords that combine different character types to resist hacking attempts like brute force. Since malware like keyloggers can steal passwords, make sure to scan your computers regularly with trusted antivirus software.

Update Everything Regularly

Compromises often come through old software and plugins with security holes. Make a habit of updating your CMS, themes, and plugins whenever updates are available.

Back Up Your Website Often

While Bluehost provides some backup options, having your own routine backups means you can restore your site quickly if there’s a problem.

Use Safe File Permissions and Clean Up

• Only give files and directories the minimum permissions needed.
• Delete any unused scripts or old databases that could expose vulnerabilities.
• Keep sensitive files outside public folders.

Use Secure Connections

Always connect to your hosting account with secure protocols like SFTP or FTPS, and access your control panel over HTTPS. Avoid logging in on public Wi-Fi or unsecured networks without a VPN.

Consider Extra Security Tools

Adding services like SiteLock can help by scanning your site for malware daily and removing threats before they cause damage.

Need Help? Resources and Support

If you think your website might have been hacked or infected, Bluehost offers plenty of help and guidance to get things cleaned up. You can contact our support team directly or find detailed advice in our security resources.

Summary

Bluehost works hard to protect the servers that host your website. But the best security comes from combining those measures with your own careful management—strong passwords, keeping software updated, appropriate file permissions, and regular backups. By following these steps, you can ensure that your website is safer and more reliable. If you want to have an extra layer of security, you can use tools such as SiteLock, which provides additional protection against online threats. The best way to ensure that your website is secure is to be informed and proactive.