HubSpot Website Security

We take the security of your data, and your customers' data, very seriously. Cyber attacks occur every day, come in many forms, and can spell financial trouble for a small business if they are not properly prepared. To keep your information secure, we’ve taken several steps to ensure that HubSpot CMS is the most secure platform to host your website on.

Why CMS Security is important

  1. customer waiting

    Attacks are constant

    Regardless of where you host your website, there is always the risk of being the victim of a cyber attack. Every second of every day, roughly 39 cyber attacks happen. No defense is too large, and when determining where you to host your site, you want to ensure you choose a CMS that understands the importance of CMS security, and has the tools and resources available to protect your information.

  2. sg-defaults_doge.png

    Attacks are varied

    We’re all familiar with the concept of getting a “virus.” When it comes to CMS security, malware or viruses are only one problem you need to worry about. From DDOS attacks to man-in-the-middle attacks, there are several different ways hackers could try to compromise your site. Your CMS should understand each type of threat, and be prepared to handle each one as they arise.

  3. page-weight

    Attacks are expensive

    Building out your website is an investment in your business’ success. You shouldn’t have to invest further in ensuring the security of that investment. Nearly two thirds of all cyber attacks are targeted at SMBs, costing them roughly $100,000 each. Your CMS should not treat security as a luxury, or an optional add-on.

How HubSpot Helps Secure your Website

At HubSpot, we’re constantly monitoring the security of our CMS, and looking for ways that we can improve. Our goal is to provide you with the peace of mind that your site is hosted on the most secure CMS available on the market today. We do this through a number of different initiatives.

  • At HubSpot, your website and all of its content is served through our global content delivery network (CDN). This allows us to handle high levels of traffic - ensuring your site remains active during an influx of traffic. Datacenters around the globe host your content. If one datacenter goes down, traffic automatically is rerouted to the next closest center so you, and your visitors, don't experience any downtime.
  • Hubspot employs Cloudflare’s enterprise-class web application firewall, to detect any potential attacks before they pose a threat to your site. Malicious IP addresses are detected and blocked before they can get into your website.  
  • Security should never be considered a luxury. Studies show that 82% of people would stop browsing a site if their browser told them the site was not secure. At HubSpot, every site hosted on our CMS is automatically provisioned with a standard SSL certificate. SSL creates greater trust between your brand and visitors to your site, and increases your ranking within Google search results.
  • Not all businesses need it --- but it’s available if you do. HubSpot offers government level security through HSTS max age directices. With a our standard SSL certificate, you can create a 301 redirect to ensure your site is loaded at the secure domain. With HSTS, you can remove the ability for users to click through certificate-related warnings, ensuring that visitors always reach an SSL enabled site with HSTS headers enabled.
  • Pinpointing malicious attacks is only half the battle. At HubSpot, we monitor our network for anything out of place, allowing us to quickly identify and mitigate new attack types. We also go through the process of updating our products thousands of times per day, ensuring that you never need to worry about updating your CMS.
  • We have an entire team of individuals dedicated to ensuring the security of your content online. Through both automated and manual checks, they monitor the CMS 24/7 for attacks, potential abuse, or other anomalies.

What else does the HubSpot CMS offer?