Secure hosting

Built-in enterprise-grade website security

Security breaches and malware exposure are a constant threat on today's web. Our secure hosting protects you against harmful web attacks. We give you the tools to help you save time, money, and your reputation. We don't believe you should have to pay for these services.

Stay one step ahead of online criminals with MiqueHosting, at no additional cost.

Secure hosting - Built-in enterprise-grade website security

FREE AND ON DEMAND

Automatic malware scanning

We scan all websites every day for common malware. Using commercial tools and in-house developed systems, we discover all kinds of bad stuff. Malware, such as web shells or mail/spam daemons, can compromise your installation, giving criminals access to your site's data, emails, and content.

We provide you with a detailed report on the results of this scan in our MiqueHosting control panel. This is similar to the services offered by other web hosting providers, for which they charge a fortune!

If malware is discovered, we can send you an email alert.

WordPress users also have another way to check for malware, through our WordPress Checksum Report in our WordPress Toolset. This verifies that your WordPress core matches the official WordPress repository.

Secure hosting - Automatic malware scanning

Immediate results

If you discovered malware on your site, you will need to update your software or plugins and remove any compromised files. Once you have made the changes, you can rescan immediately. You will receive confirmation on whether your fixes have worked immediately.

Scanning on demand

What makes our malware scan special is that you can also run it on-demand. This is convenient because you don't have to wait until the next scheduled scan.

Disable PHP mail

If malware is detected, PHP Mail is disabled to prevent your site from infecting others via email.

HTTPS EVERYWHERE

Free wildcard SSL encryption

SSL-TLS certificates are a fundamental part of secure web browsing and data transfer. Legal regulations and Google's promotion have made it essential for every site to have one. That's why we partnered with Let's Encrypt to make every site we host 'https'.

Our free SSLs are 'wildcard' certificates. So you can secure subdomains in addition to your main domain using a single certificate. To get a free 'https' certificate, your site needs to use MiqueHosting's validated nameservers. They provide the same level of security as any other SSL certificate.

Secure hosting - Free wildcard SSL encryption

Our data centers are ISO27001:2013 certified. Security features include:

24/7 on-site security
Photo ID and swipe card entry
CCTV inside and out
Gated access and secure perimeter fencing
Redundant and uninterruptible power supplies

MiqueHosting employees must identify themselves before accessing any internal systems. We use centralized security and identification policies that follow a need-to-know, least-privilege access policy.

Isolated backups

All backups are stored remotely, separate from the web servers' source data centers.

PCI Compliant Hosting

If your business accepts card payments, your hosting needs to be PCI compliant.

In order to accept, store, and process debit/credit card information, your hosting provider must comply with the Payment Card Industry Data Security Standards (PCI-DSS). These standards were introduced to reduce credit card fraud.

The PCI Security Standards Council is in charge of regularly testing hosting providers. They look for vulnerabilities where hackers could steal cardholder information. MiqueHosting consistently passes these independent audits.

All emails and forwarders sent and received are subject to advanced antivirus and anti-spam protection.

We use 3 layers of inbound spam and virus scanning:

Network-level
Commercial anti-spam deny lists from Spamhaus, Invaluement and Barracuda Networks are used to reject mail from known spam networks.
Virus Scanning
Any known malware signatures are rejected.
Content-based
Messages are scanned for spam-like characteristics and filtered into the ‘junk mail’ folder.

Fully configurable email filters

These filters are fully configurable through the webmail control panel. Therefore, certain senders, domains and TLDs can be whitelisted to completely bypass the content filter. The same goes for denylists - you can create your own from our control panel.

Whenever we reject a message because of a known virus or network denylist, the message is returned to the sender so they know what's going on. We never "block" email.

Spammers are not welcome

If you're using the email accounts included with our shared hosting, you don't want scoundrels damaging your reputation (and ours) by sending out loads of spam emails.

That's why we monitor outgoing emails to make sure this doesn't happen and we have a zero-tolerance policy towards spam.

TWO-FACTOR AUTHENTICATION

Safer than just a password

Unfortunately, many security measures become ineffective if your password is compromised. That's why we offer the option to use two-factor authentication (2FA) for MiqueHosting Panel, Email, and SSH access.

2FA is a way to add an extra layer of security. Our 2FA uses TOTP apps, which give you a one-time, time-limited code to enter, in addition to your password. 2FA app providers include Google and Microsoft. The apps run from your phone.

We also apply another form of "2FA" - random security checks when making payments. This will require you to call us and confirm the additional security information you provided when you first signed up.

Secure hosting - Safer than just a password

1 TBPS+ ANTI-DDOS

Enterprise-level denial of service protection

Distributed denial of service (DDoS) attacks are a growing hazard on the web. They can do extensive damage to a business by flooding the server with requests, so that regular website users are unable to access your website.

If your shared hosting or virtual private server (VPS) is attacked, usually you don’t have much of a choice other than to weather the storm and wait for the attack to stop.

That’s why we introduced 1 Tbps+ anti-DDoS protection. This enterprise-level protection covers you against most attacks. It only filters-out malicious traffic, so you can carry on working without noticing any interruption. Don’t let the hackers ruin your business.

One way to stop security breaches is to prevent criminals from accessing your code on the server. Our web application firewall (WAF) protects your data and software by blocking suspicious activity.

A common attack on a website is the use of web forms to insert malicious code. Forms are not covered by traditional firewalls, as they must allow information to pass from the user to the server where the website is hosted. They can be an access point for data thieves or ransomware.

Even in the best case scenario, falling victim to this will cost your company time and money. In the worst case scenario: a breach could take down your company.

MiqueHosting's WAF helps prevent this by inspecting every HTTP request for SQL injection, trojans, cross-site scripting, path traversal, and many other types of attacks. It does this at the edge of our network, so it happens before web application scripts like WordPress are executed. It takes less than a millisecond.

The MiqueHosting security team regularly updates the set of rules that filter out malicious requests. This set of rules is built from commercially available resources and custom rules written by the MiqueHosting security team.

All of this makes it much harder to hack your sites and is done behind the scenes at MiqueHosting.

NETWORK PROTECTIONS

Keeping attackers away from your web apps

As well as the firewall, we also operate network defences. These are based on IP address and network-level (automated system) level reputation. They’re designed to block likely attackers before an attack starts.

Suspicious IP addresses and networks are routed to different web servers automatically, so traffic and load is kept away from standard web servers. IP addresses that have a bad reputation are blocked at the network edge, and entire ranges of IP addresses can be blocked too.

Secure hosting - Keeping attackers away from your web apps

STACK PROTECT

Brute-force login protection

A common attack vector for cyber criminals is to use brute force to guess your website’s ‘admin’ password. These are applications that cycle through common passwords and use trial and error – random letters and numbers – to try to crack your credentials.

Our platform includes StackProtect, which monitors log-in attempts to your website. It checks for potential ‘evil’ automated requests. If they’re detected, it uses Google’s latest reCAPTCHA tools and if necessary, blocks those attempts.

This also stops our platform being slowed-down. It blocks up to six million requests – every day. Logins to our WordPress hosting platform are our most popular target, but StackProtect covers all common website logins.

Secure hosting - Brute-force login protection

INFRASTRUCTURE THAT’S UNMATCHED FOR RESILIENCE

The best platform for security

The unique ways we set up our servers makes huge differences.

Autoscaling

A cyber-attack uses up a lot of web hosting resources, even if it’s unsuccessful. If you’re on our shared hosting, our autoscaling servers will account for the attack, meaning that your site will stay fast and online. At other hosts, an attack on one of your hosting ‘neighbours’ can slow down your site. Not so at MiqueHosting.

No single point of failure

Our platform has redundancy at every level. In the event of a hardware, software or network failure, automatic failover occurs to bring services back online. This redundant hardware and software design helps availability and mitigate data loss.

Isolated server roles

Web servers serve only websites, MySQL servers just run MySQL and email servers only email. Logs are sent to central log servers. These isolated server roles mean that even in the worst-case scenario where your website was compromised, an attacker won’t be able to cover their tracks or read your email.

SELF-MANAGED SECURITY

Lock down your website

Block visitors to your site IP address or country

Our hosting allows you block malicious IP addresses, entire subnets or even whole countries, if you like. That’s up to you.

Website password manager

You can add passwords to areas of websites or whole sites quickly and easily, without having to code.

Backups

If the worst happens, you should still have website backups to fall back on. You can create site backups quickly and easily in our control panel or set them to happen automatically.

File transfer denied

Commonly used access systems such as FTP, SFTP, Remote MySQL and SSH are denied as standard and can only be enabled after authentication through the control panel. You can unlock FTP for a set period of time so you can make changes, then it will lock automatically.

CDN security headers

Manage all of your website’s HTTP security headers in a simple dashboard. You can toggle the policies that allow or deny the passing-on of security-related information between the client and server.

Password generator

Generate secure random passwords from within our control panel. No need to resort to external password creation applications.

File permissions checker

Scan your website files for permission-based errors to prevent unauthorised access. Our File Permissions Checker will recommend and fix errors automatically.

Secured by TLS

FTP and SFTP is secured by Transport Layer Security protocols: the same crypto that helps create ‘https’ URLs. So, file transfers are less likely to be read or tampered-with by criminals.

Risk-free testing: 30-day money-back guarantee

Don't risk choosing a web hosting provider that doesn't satisfy you. With MiqueHosting, you can try our service for 30 days with no obligation. If you're not satisfied, we'll give you a full refund. It's that simple.

Talk to an expert Get Started Now

Built-in enterprise-grade website security