Product Security

You and your community depend on your website’s safety and security. Squarespace implements and maintains technical and organizational security measures to protect your assets and data from everyday security threats.

Laptop on a counter surrounded by decor, displaying a secure Squarespace website

SSL

All domains correctly added to your Squarespace site are automatically protected with free SSL certificates to improve security. SSL secures connections and prevents impersonation or stealing of visitors’ information.

Denial of Service Protection

Squarespace has implemented solutions designed to protect against and mitigate effects of Denial of Service (DoS) attacks. Our fully-managed cloud hosting supports billions of monthly views and provides 99.9% uptime.

Login Activity

Use the login activity panel to review your account’s active login sessions and spot any suspicious logins from devices you don’t recognize.

Two-Factor Authentication

Add an extra layer of security and prevent unauthorized access to your account by enabling two-factor authentication (2FA).

Password Protected Pages

Hide individual pages behind passwords in page settings to prevent them from being publicly accessible.

Cookie & Privacy Panel

Add a cookie banner and imprint page to your website that is fully customizable to match your brand and protect visitor privacy preferences.

Operational Security

Website security for you and your community requires constant vigilance and compliance. Squarespace keeps your site constantly monitored and in compliance with global privacy and payment standards.

Security Monitoring

Squarespace’s Security Operations Center (SOC) monitors for threats and vulnerabilities 24/7 to ensure your website is protected.

Data Privacy

The privacy and security of our customers’ data is our top priority. We work diligently to ensure we are prepared to meet the demands of global data privacy laws like GDPR as a company and for our customers. Read more about our technical and organizational security measures.

PCI Compliance

All of Squarespace’s built-in payment processor integrations are compliant with PCI-DSS. Sensitive card data is never handled by Squarespace. It goes directly to the payment processor’s servers; Squarespace doesn’t have access to this information.

Upright smartphone displaying a mobile website, lined up alongside several blocks
Security Monitoring

Squarespace’s Security Operations Center (SOC) monitors for threats and vulnerabilities 24/7 to ensure your website is protected.

Data Privacy

The privacy and security of our customers’ data is our top priority. We work diligently to ensure we are prepared to meet the demands of global data privacy laws like GDPR as a company and for our customers. Read more about our technical and organizational security measures.

PCI Compliance

All of Squarespace’s built-in payment processor integrations are compliant with PCI-DSS. Sensitive card data is never handled by Squarespace. It goes directly to the payment processor’s servers; Squarespace doesn’t have access to this information.

Report a vulnerability

Squarespace is committed to maintaining a strong security posture. We encourage security professionals to practice responsible disclosure and let us know right away if a vulnerability is discovered. We will investigate all legitimate reports and follow up if more details are required.

Customer care advisors.
Customer care advisors.

Squarespace is the all‑in‑one platform to build a beautiful website.