We at DotNest take the security of your sites very seriously and we do what we can to ensure that your and your users' data is safe.

• The data of the sites are completely separated. Users of other sites can't access your site's data.
• DotNest.com is exclusively served through SSL (HTTPS).
• DotNest sites, when using their default subdomains, are also available through SSL: If you want to visit your site through SSL you can do it by using a pattern like https://mysite.dotnest.net (for Orchard Core sites) and https://mysite.dotnest.com (for Orchard 1 sites). You can also set up SSL for sites behind custom domains, see using a custom domain name with DotNest.
• Media files are stored in Azure Blob Storage. We use geo-redundant storage that ensures your data is safe even if not just a server it is stored on fails but if the whole Azure datacenter is wiped out in a catastrophic event.
• To provide a safeguard against accidental changes or deletion we use point-in-time restore, soft delete for blobs, and soft delete for containers (managed under operational backup) with a 90-day threshold.
• For other changes made to the content of your website we use Azure's automatic backups for SQL databases with a retention period of 90 days.
• Additionally, you can use the Audit Trail module of Orchard to e.g. see exactly who did what on the website and have the ability to restore changed or deleted content right from the admin area.
• We use the Lombiq Hosting Suite to run DotNest safely, efficiently, and without downtimes. You can use it in your own app too!

If you ever need to recover a file or some other content you've mistakenly changed or deleted just let us know.

For GDPR compliance and privacy matters click here.

If you have found a security issue, then please get in touch with us and we'll look into it ASAP.