All software you use is your responsibility!
Website software:
It is your responsibility to look after every piece of software that you install within your hosting account(s) regardless if they are used or not, and it is also your responsibility to protect our servers from abuse. So you absolutely MUST keep all of your software up-to-date with the very latest versions of your software.
Simple things like updating a WordPress installation takes a few minutes (Plug-ins included), avoiding Joomla unless you are a PHP security coder who can re-write most of its code to secure it or seeking expert help to train you how to manage your website, and learning what your hosting account looks like when everything is working fine so that you can identify problems before they become major headaches.
Just like your own computer operating system and any other applications you have on your computer, things get updated, frequently, often for security reasons to make sure your own information stays safe, and that of others, and to ensure the latest software works correctly whilst introducing new features. Web hosting is no different.
Old versions of website software are also a security risk both to the data your website may be holding or email forms that can and will get abused to send out spam from your account, and as such, you must ensure that your website is kept secure by not allowing any of your files to be abused.
Website forms:
Any pages on your website that have any type of form for others to fill in MUST be secured to prevent automated scripts from abusing them. Things like newsletter sign-ups, contact forms, anything that can send data elsewhere, should as a minimum, have an upto date capture in place to prevent automated use. Better security is preferred.
Account Passwords:
DO NOT use simple passwords! Sadly this is still very much a problem. Customers are still using simple easy to spell passwords, leaving themselves wide open to a simple dictionary attack login attempt.
We cannot stress enough, the importance of using strong passwords. Even if you pick a 6 digit complex password and repeat it twice, security is immensely improved. For your client area too, anybody else needing access to your client area for support tickets MUST have their own sub-account created and activated by you, not them, using your login.
Email accounts:
When setting up your email accounts, do not set them up with huge mailbox quotas. If you get hit with a spam attack, it will not stop until your mailbox is full, and setting a huge mailbox quota means you will block up your own connection to the server in a never-ending loop of downloading it all.
Start with something reasonable like 50MB, which is still a decent starting point and can hold 5000 emails (Average 10kb per email). If you need more later, you can easily change your own mailbox quota within cPanel in 2 clicks.
We would highly advise against using free Wi-Fi in places you are not familiar with too, such as a cafe or bar and hotels etc, as this can expose your device to other people and give them access to your device and any email accounts on it.
Email forwarding:
Do NOT, under any circumstances, forward email addresses from our servers to external email providers.
Doing so will also forward all spam to your external mail provider and they will see it as coming from your domain name, getting you blacklisted, and your domain name earning a bad reputation, and our server getting blacklisted (For which we will bill you for).
If you do not keep your software up-to-date / refuse to keep it up to date and/or simply let it get hacked causing us and other customers a disturbance, we may do any or all of the following:
- Severely reduce or remove your outgoing email limits.
- Impose strict rules upon sending to correct addresses.
- Bill you for any blacklist removals at £85 +vat per blacklist that your server ends up on.
- Withdraw any client discounts immediately and ask you to pay the money back that you were given in discounts.
Please don't put yourself, us and other customers in a position where we are having to defend ourselves from you and/or your lack of care and good common practice.
It is an absolute requirement and part of owning any website or public facing software, that it be kept up-to-date and well maintained.
