Secure from the core
We thoroughly incorporate security into our platform, giving you protection from the get-go and a safe foundation for your sites.
We keep a vigilant watch over our platform, gathering real-time insights to detect any threats so you can keep focusing on your business.
Protection when you need it most
The success of your business depends on its availability and continuity. That’s why Wix designs response plans to keep your business up and running, in any situation.
Wix is committed to the highest international privacy and security regulations. Our website security certificates include PCI DSS Level 1, Soc 2 Type 2 and several ISOs, and we’re compliant with GDPR, CCPA, LGPD.
Physical data security
Our world-leading data center providers meet the top standards for physical, environmental & hosting controls.
Why is website security important?
Website security is essential to protect your site from DDoS attacks, malware and other cyber security threats. These threats attempt to gain access and use confidential information from both you and your visitors.
At Wix, security is built into our processes and platform, complemented by 24/7 monitoring to detect vulnerabilities. We’re constantly upgrading our security protocols and practices in order to keep your sites and business protected.
How can I make sure my Wix account and sites are secure?
Wix provides several security options to help make sure your account and sites are safe. We recommend adding an extra layer of protection to your login by enabling 2-step verification through email, SMS or third-party authentication app. We also encourage users to create tough-to-break passwords with multiple characters and symbols.
For content management security, you can set Roles & Permissions for others collaborating on creating your site, giving you control over the data they have access to. You can also choose to allow single sign-on and site members validation for site visitors. Wix supports Facebook and Google SSO for individuals, and OpenID Connect protocol for enterprises.
How does Wix protect my site visitors’ data?
Information Security and the protection of user and site visitor data is of the highest priority at Wix. The Wix Security team uses an Information Security Program based on international best practices, and it’s constantly evolving to address emerging threats. We also implement data encryption using HTTPS, TLS 1.2 and above, and SSL.
Wix software engineers develop our platform with a security by design approach, which means they keep security and privacy top of mind throughout all design phases. Wix seeks to add as many default and out-of-the-box security boundaries to its systems as possible, in order to reduce the probability of vulnerabilities and to support secure development.
All Wix sites come with an SSL certificate. You can read more about SSL and HTTPS here.
How does Wix protect my payments and transactions?
We maintain PCI DSS Level 1 certification, the highest Payment Card Industry Data Security Standard. Wix regularly monitors its systems for possible vulnerabilities and attacks, and seeks new third-party services to help maintain the security of our platform and privacy of user data. We also use an innovative combination of data analysis and machine learning to help protect you and your site visitors from possible fraud activities.
Who’s in charge of security at Wix?
Wix has a dedicated security team made of industry-leading experts. We also get the support and perspective of external independent researchers through initiatives such as our Bug Bounty Program.
Our security team is tasked with maintaining the company’s defense systems, developing security review processes, building a security infrastructure and constantly monitoring and optimizing our security solutions, so users can focus on running their businesses.
How can I contact Wix about website security?
We take security issues very seriously, and are committed to protecting your data and that of your clients and site visitors. If you have any questions, you can contact the Wix Security team at email@example.com. Learn more