Is WordPress security a job for the hosting provider?

Is WordPress security a job for the hosting provider?
datum-geschreven 20 Feb 2024

A WordPress website that is not properly secured and therefore gets hacked can cause problems on the server.

  1. The site starts sending spam.
  2. The site consumes all resources of the server.
  3. The server’s IP gets blacklisted.

These are issues that cannot be prevented by the hosting provider. They can, however, limit the consequences by taking your website offline until it is made hack-free.

You would expect the hosting provider to be able to solve these problems by securing certain aspects “better,” right?

However, this is not possible. Your WordPress website requires certain permissions on the server to function properly. For example, it needs the right to upload files to the media library.
The server will not prevent this, and even though the server scans files, it cannot detect whether a file is harmful or not due to the thousands of variations of virus scripts.

If your website gets blacklisted, more websites are affected

The server has only one IP address per server/VPS (computer). When a website starts sending spam, that server with that IP address can end up on the blacklist. As a result, outgoing mails are no longer allowed by other hosting companies, internet providers, and email providers who want to protect their server and customers from an abundance of spam.


It is up to you to make your WordPress website secure so that hack scripts cannot place harmful files on the server through vulnerabilities in your WordPress website or plugins.

You can learn how to achieve this here.

De meeste artikelen worden geschreven door Mathieu Scholtes, de eigenaar van WPBeveiligen. Op de hoogte blijven van het laatste WordPress nieuws? WordPress tips? WordPress aanbiedingen?
Connect dan op Linked-in!

Heb je een vraag? Tip of gedachte? Deel die!

Breng me op de hoogte
0 Reacties
Inline Feedbacks
Bekijk alle reacties