Security Policy

JIJ treats security as an operational responsibility across hosting, websites, billing, support, and client records.

Account Security

Clients should use unique passwords, protect email accounts, limit admin access, and remove users who no longer need access. JIJ may require verification for sensitive changes.

Platform Security

JIJ uses practical controls around hosting access, SSL support, server configuration, backups, and monitoring. Security needs may vary by package and managed service level.

Vulnerability Reporting

If you believe you found a vulnerability affecting JIJ or a hosted client, report it with the domain, steps to reproduce, impact, and your contact information. Do not access, alter, or download data that is not yours.

Incident Handling

JIJ may investigate suspicious activity, isolate affected services, reset credentials, restore backups, remove malicious files, or coordinate with clients and providers.

Client Software

Clients remain responsible for keeping CMS platforms, plugins, themes, third-party scripts, and custom code maintained unless managed maintenance is part of the agreement.