Skip to content

Security Policy

At webdesigner.lk, we take website and data security seriously. This Security Policy outlines the measures we follow to protect our website, client data, and online services from unauthorized access, misuse, or loss.

Ready-to-paste page content

At Webdesigner.lk, we take website security seriously and follow responsible practices to protect client websites, business information, and technical access details. This security policy explains how we handle website access, updates, backups, hosting-related support, data protection, and safe website management during and after a project.

Our Commitment to Website Security

We aim to build and manage websites with proper attention to security, stability, and long-term reliability. Every website project is handled with care to reduce common risks such as weak access control, outdated software, insecure plugins, poor hosting configuration, and unauthorized access. Our goal is to help clients maintain safer websites that support their business operations with confidence.

Website Access and Login Protection

Website login details, admin accounts, hosting access, and related credentials must be handled carefully. We recommend using strong passwords, limited admin access, and trusted user accounts only. Where possible, unnecessary users should be removed, and access should be given only to people who are directly responsible for website management.

Clients are responsible for keeping their own login details private. If login details are shared with third parties, Webdesigner.lk cannot be responsible for issues caused by unauthorized access, weak passwords, or external misuse.

Website Updates and Maintenance

Regular updates are important for website security and performance. WordPress core files, themes, plugins, scripts, and server-side components should be updated carefully to reduce known security risks. Updates must be tested where possible because some changes can affect website layout or functionality.

Clients who require ongoing support can request website maintenance services for updates, monitoring, backups, and technical assistance. For support requests

Hosting and Server Security

VPS Web Hosting Services in Sri Lanka | WebDesigner.lk
VPS Web Hosting Services in Sri Lanka | WebDesigner.lk

Website security also depends on the quality of the hosting environment. Reliable hosting, SSL certificates, secure file permissions, updated server software, and proper DNS settings help protect a website from common technical issues. We support clients with domain and hosting-related setup where required.

For hosting-related services, visit our domain name and web hosting page.

Data Handling and Privacy

We handle client information only for project-related communication, website setup, support, and service delivery. This may include business details, website content, images, login access, hosting information, and contact information provided by the client.

We do not sell client information to third parties. For more information about how personal information is handled, please read our privacy policy.

Backups and Recovery

Backups are an important part of website protection. However, backup availability depends on the hosting provider, backup system, package, and maintenance arrangement. Clients should not rely only on one backup source. We recommend keeping regular backups before major website updates, plugin changes, theme changes, or custom development work.

If a website is affected by technical failure, malware, hosting issues, or accidental deletion, recovery depends on available backups and the level of damage.

Third-Party Tools, Plugins, and Integrations

Many websites use third-party plugins, themes, payment gateways, analytics tools, forms, scripts, and APIs. These tools may have their own security policies, updates, risks, and limitations. We recommend using trusted tools only and removing unused plugins or scripts to reduce risk.

Webdesigner.lk is not responsible for security issues caused by third-party systems, external APIs, payment providers, hosting providers, or plugins that are outside our direct control.

Client Responsibility

Clients are responsible for providing accurate information, keeping login details safe, using secure passwords, and informing us quickly if they notice suspicious activity on their website. Clients should also avoid installing unverified plugins, sharing access with unknown users, or making technical changes without proper guidance.

Reporting a Security Issue

If you notice suspicious activity, unauthorized access, website errors, malware warnings, or unusual redirects, contact us as soon as possible. Early reporting helps reduce damage and improves the chance of successful recovery.

For urgent support, contact Webdesigner.lk through the contact page

Final Note

This security policy is provided to explain how Webdesigner.lk approaches website security, client access, updates, backups, hosting support, and responsible website management. Security is a shared responsibility between the website provider, hosting provider, third-party tools, and the website owner.

1. Website Security Measures

We implement industry-standard security practices to protect our website and systems, including:

  • Secure hosting environments
  • SSL (HTTPS) encryption
  • Firewall protection
  • Malware scanning and monitoring
  • Regular software and plugin updates

These measures help reduce security risks and ensure safe access to our website.

2. Client Data Protection

Any information shared with us—such as contact details, project information, or credentials—is handled with strict confidentiality.

  • Access to client data is limited to authorized personnel only
  • Sensitive information is stored securely

3. Third-Party Tools & Services

We may use third-party services such as hosting providers, analytics tools, or communication platforms. While we choose reputable providers, webdesigner.lk is not responsible for security issues caused by third-party systems.

4. User Responsibilities

To help maintain security, users are encouraged to:

  • Use strong passwords for website accounts
  • Keep login credentials confidential
  • Notify us immediately if suspicious activity is detected
  • Avoid sharing sensitive information through unsecured channels

5. Website Availability & Limitations

While we take reasonable steps to ensure continuous website availability, webdesigner.lk is not responsible for downtime caused by:

  • Server failures
  • Cyber attacks beyond our control
  • Internet or hosting provider issues
  • Force majeure events

6. Security Updates & Changes

We may update this Security Policy at any time to reflect changes in technology or security practices. Updates will be posted on this page with a revised effective date.

7. Reporting Security Issues

If you believe you have discovered a security vulnerability or suspicious activity on our website, please contact us immediately:

Email: admin@webdesigner.lk
Website: https://webdesigner.lk

We appreciate responsible disclosure and will investigate all reported issues promptly.