Website security responsibility is often unclear to website owners. This can be an issue when a website is hacked or defaced. Is the web host to be blamed for any hacked website? Let us find out more in this article!

Analogy of Web Host

You should imagine your web host as the owner of a building. Basic infrastructure (such as water & electricity) will be provided by the building owner. Additionally, security guards may also be arranged by the building owner for the tenants’ safety. With these amenities, you rent a unit within the building for yourself. Within your unit, you are free to carry out renovations to your likings. You may install smart lock at your main door. You may have tenants of your own. The building owners will not interfere with your activities as long as you do not affect other tenants and they are legal.

Likewise for web hosting providers, servers with appropriate computing power and network connectivity are prepared. You then subscribe to a hosting account, engage a web designer and build your website. You can setup a personal website or eCommerce website. You may also subscribe to website security services. Web hosts will not interfere with your activities as long as you do not affect other hosting account customers and your activities are legal.

Security responsibilities of Web Host

Using the same analogy of building owner, any burglaries due to negligence or fault of security guards, are the responsibilities of building owners. In web hosting context, the same is true. If a server is not secure (using end of life or outdated operating systems; lack of patch of backend services such as PHP, MySQL to name a few; or datacenters with poor security control) it is clearly the web host’s fault.

The web host’s fault can be pinpointed clearly — if more than one (1) customers suffer defaced websites, hacked email, to name a few, it is usually signs of server breach. These are facts that a web host cannot run away, and in fact most would endeavour with quick fix via disaster mitigation data rollback.

Website Security Responsibility

If you discover your website is hacked, a responsible web host will conduct checks on their end. If it is a server breach, they will usually perform data recovery to “fix” the problem for you. It will be quicker for them to do so, before other customers report the same problem. However, if your web host shares insights with you and suggests it is your website’s issue, do rectify it immediately.

Using the building owner’s analogy, a building owner will not be responsible if your smart lock or tenant introduced guests with integrity issues into your unit. Likewise, if your website designer fails to maintain the security of your website, a web host should not be blamed.

Conclusions

In the event of any website compromises, most web hosts will assist with their findings as they value your continuous service subscription and renewal. It’s understandable to feel upset upon discovering a hacked website, and it’s important to listen to your web host’s advice. If you find yourself in a situation where your web designer or web developer is no longer contactable, you can rely on our WordPress Malware Removal service for a solution. We are here to support you and work towards resolving any issues with your website’s security.