We are happy to help you!
Our technical support is available to you from Monday to Saturday from 9 a.m. to 12 midday and 1.30 p.m. to 5 p.m. You can of course send us your questions by email. Emailed support questions are also viewed at the weekend and answered promptly according to the degree of urgency.
Important security guidelines!
Help to protect your own Internet website!
The Internet has become an indispensable tool for many of us. But it hides numerous dangers and risks.
We ask ourselves questions about security over and again in everyday life. But there we have learned to assess them correctly and deal with them.
For example, if at an airport check-in we see the sign 'Caution thieves', we do not panic or decide never to fly again in future. We simply look out more for potential danger and take appropriate safety precautions!
In the last few years, countless waves of hacking have been carried out worldwide. The focus was on password theft as well as spamming via foreign email accounts.
Research has shown security vulnerabilities in web applications, scripts and data management, which you can avoid as much as possible by following these guidelines:
- Password management
- Internet Software / Updates
- Backup / Data security
- Email address
- Safety precautions on the part of Hoststar
FTP, database and email passwords are often identical. This represents a very big security risk!
- After ordering you will receive from us the access data for FTP access and your my.hoststar area.
These passwords are not all the same!!!
- If you now want to change these passwords, ALWAYS use different passwords. Special characters increase the security
of your password. You can find help here for changing the FTP password / my.hoststar password (Additional Services)
IMPORTANT: please make sure that you ALWAYS use different passwords when you install new software, tools and scripts on your website!
When creating databases, a new and independent password should always be defined.
- The creation of different passwords considerably reduces the risk that hackers could read the access data and therefore have access to all hosting areas
Hosting Control Panel, FTP, databases, emails. This is the surest way to avoid unauthorized third party access to your website data!
- Make sure that you keep any record of personal passwords and access data in a secure area – away from the personal computer area.
Since new viruses and worm variants appear all the time, firewall, virus protection, operating system and all additionally installed software should be constantly updated.
- It is a good idea to get information regularly about the vulnerabilities of programs/software used and install any recommended updates from the manufacturer.
- Many programs have a reminder service, which automatically notifies you when a new update is available.
Updates are never sent by email. If you receive an email claiming to contain an update, please delete it immediately, it could be carrying a virus.
Make sure to install updates ONLY from the manufacturer's website!
Regularly backing up your website data is extremely advisable! However, make sure that the backed up data is stored securely!
Some programs or tools offer an automatic backup function. But according to the archive directory, these may provide another security gap!
- Never store a backup or archived version of your website in the public directory (html) on your web server account!
- This directory is referred to as public because it is accessible to anyone on the Internet, i.e. these files can be read publicly, searched or downloaded!
- Protect directories containing sensitive information with a password or archive your backups on another computer that belongs to you!
Again, it is recommended to store the backup in a secure area of your computer, possibly with password protection.
Hoststar secures the daily data of the entire web server, but in order to avoid 100% data loss, it is always recommended to create and manage your own backups!
With the many possibilities of the Internet, interacting via various platforms (emailing, chat, forums, blogs, shops, etc.), exchanging or buying goods,
we often give our private or even business email address without thinking. This increases the risk of being flooded by spam emails!
Observe the following rules:
- Even if you know the sender of an email, please be careful which email attachments you open. A virus can attach itself to a file without the knowledge of the
sender. The following file extensions are especially dangerous:
• .bat / .exe / .inf / .vbe / .vbs / .js / .jse / .chm / .lnk / .pif / .rm / .rt / .scr / .mdb / .pps / .wsh
Action: First, save the file (without opening it first!) and scan/test it with an updated antivirus program.
- Do not give your email address without thought! For inquiries and public 'rooms' on the Internet preferably use a free email address,
such as hotmail, gmx or yahoo in order to protect your private/business email address.
- Pay attention, especially in buying and payments (shop, bank, etc.) via the Internet, to the provider’s security certificate (SSL Certificate), which gives a URL
beginning (https://........ ). Put simply, the SSL Certificate (security certificate https://......) provides a secure, encrypted connection between you (browser) and the
server (e.g. on the website of a shop, bank, etc.). This connection is neither changeable from the outside nor can data be made visible or read from it. Thus you
can use your login without risk.
Through phishing, fraudsters try to obtain confidential information from unsuspecting Internet users. It may be, for example, account information from online
auctions (e.g. eBay) or access data for Internet banking (also PayPal access data, credit card information, etc.). The scammers take advantage of their victim's
good faith and cooperativeness by sending them emails with faked sender addresses.
In the emails the victim is informed, for example, that their account information and access data (e.g. username and password) is no longer safe or up-to-date
and that it should be changed via the link in the email. The link, however, is not to the original page of the company (the bank, PayPal, etc.), but to an identical
webpage set up by the fraudster.
If you are asked in an email to reveal your access data via a link, always contact the provider (your bank, PayPal, etc.) by phone and ask. In most cases,
it turns out that your real partners have never sent an email, as they already well know the danger of fraud via email. They would always send you such
a notification by post.
To make payments or for Internet banking transactions, always use the original address of the supplier, enter it each time afresh, or save it to your favourites
(bookmarks). Like this, you will not pass via a misleading link to a fraudulent website, and you will considerably reduce the risk of theft and misuse of your
In addition to permanent server monitoring, Hoststar has implemented various security regulations that block attempts by hackers right from the start.
Thus, security vulnerabilities in web applications are already closed by Hoststar, even if the application itself has not been brought up-to-date by the customer.
But as every day new vulnerabilities come to light, these measures do not of course replace the closure of these gaps with an update of the web application.
If a hacker should, in spite of all this, succeed in accessing a website and, for instance, starts a script to send spam emails, this is detected by our monitoring
system within 1-2 minutes and reported to the standby service. The support engineer ensures rapid removal of the script and immediately closes the security gap.
Since hackers are always discovering new ways of gaining access to websites and applications, there is no time wasted in the Hoststar security department:
The Hoststar servers are always up-to-date as regards security and are continuously further optimized!
We will be happy to answer further questions: