Security Roles and Responsibilities

This article outlines the security responsibilities for the various aspects of Kinsta as a cloud service provider.

WordPress HostingStatic Site HostingApplication HostingDatabase Hosting
User accountCustomerCustomerCustomerCustomer
User management and accessCustomerCustomerCustomerCustomer
Site, application, and database resourcesCustomerN/ACustomerCustomer
ContentCustomerCustomerCustomerCustomer
Plugins and themesCustomerN/AN/AN/A
Git accessCustomerCustomerCustomerCustomer
Network and infrastructureKinstaKinstaKinstaKinsta

User account

It is your responsibility as a customer to manage your user account. This means you are responsible for keeping your credentials safe and using strong passwords to prevent your login details from being compromised. Kinsta allows you to protect your login details even further with Two-Factor Authentication (2FA), which you can enable within MyKinsta > User Settings > My Account.

User management and access

Company Owners and Company Administrators have access to add and remove users at any level. Company Developers can view the company users and grant users access to WordPress sites. It is your responsibility to ensure all users who have access to your company and sites have the correct access level. Find out more in User Management.

Site, application, and database resources

You must ensure you have the correct WordPress Hosting plan for your company and sites. If you exceed your visits limit, disk space, or CDN bandwidth (or bandwidth if you’re on a legacy plan), you will incur additional fees. Refer to Add-Ons and Overages. If you’re hosting an application with Kinsta, you must ensure you choose the correct build resources and pod size to support your application. If you’re hosting a database with Kinsta, you must ensure you choose the correct database size.

Content

You, as a customer, are responsible for all content on your site, application, or database, and you must comply with Kinsta’s Terms of Service, which includes a list of prohibited content. Kinsta has no obligation to monitor, validate, correct, or update your content in any way. However, if any content violates Kinsta’s terms of service, Kinsta may, in its sole discretion, alter, remove, or refuse to display it.

Plugins and themes

You are responsible for installing, updating, and removing any plugins and themes on your WordPress site. There are some plugins that are not allowed or won’t work properly in the Kinsta environment, such as caching, backup, or related posts plugins. To find out which plugins you can’t use, refer to our Banned and Incompatible Plugins.

Git access

If you use Application or Static Site Hosting, you must connect to a Git provider and authorize/grant access to Kinsta to verify your identity and access your Git repositories. You can also use your Git service provider login with Single-Sign-On (SSO) to sign up or log in to MyKinsta. Kinsta does not store your Git credentials, and it is your responsibility to keep them safe.

Network and infrastructure

With our Cloudflare integration, Kinsta customers benefit from a more secure firewall with included DDoS protection, high-performance CDN, Edge Caching, HTTP/3 support, wildcard SSLs, and more. At Kinsta, every site on our platform runs in a Linux container, and the site database runs as a service within the site container, all built on Google Cloud Platform (GCP) and Cloudflare. We do not run multiple load-balanced instances of each site infrastructure. Thanks to the flexibility afforded by the use of a container-based infrastructure, proactive load management by our Engineering team, and the use of a best-in-class cloud provider in Google Cloud Platform, we are able to offer an SLA-backed 99.9% uptime guarantee. For more details about our infrastructure and architecture, see:

Was this article helpful?