Arama Yap Mesaj Gönder
Biz Sizi Arayalım
+90
X
X
X
X

Bize Ulaşın

Konum Halkalı merkez mahallesi fatih cd ozgur apt no 46 , Küçükçekmece , İstanbul , 34303 , TR
Security Center

Protect your account and digital assets

Learn the essential practices that reduce account theft, phishing, browser attacks and unauthorized access risks.

Strong passwords Use a unique and long password for every account.
Two-factor authentication Add a second verification step to your account.
Phishing awareness Verify the sender and destination before clicking.
Secure devices Keep operating systems, browsers and applications updated.
Security Center

Critical security warnings

The following risks are among the most common causes of account compromise.

Browser console and Self-XSS warning

Never paste code into the browser developer console because someone claims it will unlock a feature, provide a discount or verify your account.

  • Session information and authentication tokens may be stolen.
  • Personal information may be sent to another server.
  • Actions may be performed from your account without permission.
  • Your account may be completely compromised.
Eka Sunucu staff will never ask you to open the browser console or paste JavaScript code.

Password security

A password should be unique, difficult to guess and stored safely.

  • Use at least 14 characters.
  • Prefer a memorable passphrase instead of a short complex word.
  • Use a different password for every service.
  • Do not include your name, date of birth or company name.
  • Store passwords in a trusted password manager.
Changing a strong password frequently is less important than keeping it unique and replacing it immediately after a suspected leak.

Phishing attacks

Attackers imitate trusted brands and create urgency to obtain passwords, card details or verification codes.

  • Check the complete sender address, not only the display name.
  • Hover over links and verify the destination before clicking.
  • Be suspicious of urgent payment, suspension or verification messages.
  • Do not send passwords or payment information by email.
  • Open the website manually instead of using a suspicious email link.
Official messages should direct you to an ekasunucu.com address. Similar-looking domains may belong to attackers.

Two-factor authentication

Two-factor authentication prevents a stolen password from being enough to access your account.

  • Prefer an authenticator application or a hardware security key.
  • Store recovery codes in a secure offline location.
  • Never share one-time verification codes.
  • Review trusted devices and active sessions regularly.
SMS verification is better than password-only access, but authenticator applications and security keys provide stronger protection.

Device and browser security

Secure account access also depends on the device and network used to sign in.

  • Install operating system and browser updates promptly.
  • Remove unnecessary or untrusted browser extensions.
  • Use screen lock and device encryption.
  • Do not save passwords on shared or public devices.

Network security

Use trusted connections for account, payment and administrative operations.

  • Avoid sensitive transactions on public Wi-Fi.
  • Verify that the address begins with https:// and belongs to the expected domain.
  • Do not ignore browser certificate warnings.
  • Disable automatic connection to unknown wireless networks.
Security Center

Hosting and website security checklist

Security is strongest when account, application and server protections are applied together.

01

Updates

Keep PHP applications, CMS systems, plugins and themes current.

02

Backups

Maintain tested backups stored separately from the live server.

03

Access control

Grant only the permissions required for each user and service.

04

File security

Remove unused files, old installers and abandoned administrator accounts.

05

Monitoring

Review login activity, file changes and unusual resource usage.

06

Recovery plan

Document how accounts, DNS, backups and services will be recovered after an incident.

Security Center

What to do after suspicious activity

Act quickly and use a clean device when you believe an account may have been compromised.

  1. 1
    Change the affected password and any reused passwords.
  2. 2
    End active sessions and remove unknown devices.
  3. 3
    Enable or reset two-factor authentication.
  4. 4
    Check payment, profile, DNS and service settings.
  5. 5
    Scan the device and remove suspicious applications or extensions.
  6. 6
    Contact support and provide the time and details of the incident.

Frequently asked questions

How should I change my Eka Sunucu password?

Sign in to your account, open account information and use the password change section. Choose a unique password that is not used on another service.

How can I enable two-factor authentication?

Open account security settings in the customer panel and follow the two-factor authentication activation steps. Save the recovery codes in a secure place.

How can I verify an email claiming to be from Eka Sunucu?

Check the full sender address and link destination. Do not provide passwords, card details or one-time codes by email. Open ekasunucu.com manually when in doubt.

What should I do if I pasted code into the browser console?

Immediately change your password from a clean device, terminate active sessions, enable two-factor authentication and contact support.

Does HTTPS mean a website is completely safe?

No. HTTPS encrypts the connection and verifies the certificate identity, but it does not guarantee that the website content or operator is trustworthy.

Top