Patchman is an application on our web hosting servers. If you activate Patchman, we can scan your WordPress, Joomla or Drupal website for vulnerabilities or malware and notify you of any security risks. If you activate automatic patching then Patchman also immediately solves these for you. This way you prevent intruders from misusing your website for spam or phishing.
When you activate Patchman, it will scan the files on your web hosting every day. If a security risk is detected, you will receive a notification and if you have turned on automatic patching, Patchman will patch the problem immediately.
How do I order Patchman?
The way you order Patchman depends on whether or not you already have a web hosting product for your domain name with us. Both situations are explained below.
Does Patchman send notifications?
When you've ordered Patchman it will have notifications enabled by default. You do not need to enable this separately.
Patchman will send you an email if any known vulnerabilities or malware are found. This e-mail will be sent from support@transip.nl to the e-mail address that is listed in your account details as 'E-mail address'.
Patchman will not automatically patch detected vulnerabilities or malware. You will have to take action yourself to solve the problem(s). For more information about this scroll down to 'Patchman detected vulnerabilities on my website. What should I do?'
If you want Patchman to automatically patch any known vulnerabilities and malware you will need to turn this option on in your control panel. To see how you can turn this on, go to 'How do I activate automatic patching?'.
Patchman can only recognize known vulnerabilities and malware. If Patchman does not know a vulnerability or malware you will of course not receive a notification.
What is automatic patching?
When you have enabled automatic patching, Patchman will automatically patch any known vulnerabilities and malware it finds. Then Patchman sends you an e-mail about the patched vulnerabilities. This e-mail will be sent from support@transip.nl to the e-mail address that is listed in your account details as 'E-mail address'.
If a patch by Patchman unexpectedly causes problems, you can contact our support department. They can roll back the patch so everything goes back to the original situation. You can then try to manually solve the problem yourself.
Patchman only patches known vulnerabilities and malware. If Patchman cannot patch the detected vulnerability or malware you will receive a notification so you can manually solve the problem yourself.
How do I activate automatic patching?
To activate automatic patching it is important that you have first ordered Patchman for your web hosting. After all, this service can only be activated if you actually have it. Patchman is not included in our web hosting products by default. Make sure that you have ordered this service first with the steps in the section "How do I order Patchman".
After you have ordered Patchman, you can activate automatic patching for your web hosting with the steps below.
Step 1
Log in to the control panel and click 'Shared Hosting' in the menu. Next, select your domain below 'Products'.
Next, select 'Security' -> 'Patchman' in the menu bar at the top.
Step 2
Below Policy you can choose whether Patchman should only detect malware, or also patch it automatically. To make sure Patchman detects and patches malware, select 'Automatic patch (recommended)'.
Automatic patching by Patchman will now be activated for your web hosting.
When you activate automatic patching by Patchman it can take up to 10 minutes for the activation to be completed succesfully. After turning on this option below Policy, you do not have to take further action.
Which parts of my website are protected by Patchman?
After Patchman is activated we only scan and patch vulnerabilities and malware within your CMS itself, for example Wordpress. At the moment we do not scan plugins or themes yet. Patchman only scans for known malware and vulnerabilities. This means that hacks that work through brute force, for example, cannot be caught by Patchman.
Does Patchman scan all websites on your servers?
Patchman only scans the websites of customers that gave explicit prior permission by activating Patchman for their website. Websites of other customers will not be scanned by Patchman.
Do you make a back-up of files that are patched?
At the moment we do not make a back-up of files that are patched by Patchman. Of course you do always have access to the regular back-ups of your web hosting product. You can find more information about that here: "How do I use webhosting back-ups?".
How does Patchman handle my privacy?
Patchman is a Dutch service and meets the requirements of the General Data Protection Regulation (GDPR). Information that Patchman receives from you is only used to guarantee that Patchman works properly.
When Patchman scans the files of your website, it creates a derived code from these files (in the form of a "hash"). With this code personal data cannot be retrieved and neither can the contents of the file. It can only be used to check if the file contains known malware or vulnerabilities. The files themselves are not shared with Patchman.
How do I deactivate automatic patching?
If you want Patchman to stop automatically patching known vulnerabilities and malware, you can turn this option off with these steps:
Step 1
Log in to the control panel and click 'Shared Hosting' in the menu. Next, select your domain below 'Products'.
Next, select 'Security' -> 'Patchman' in the menu bar at the top.
Step 2
Below Policy you can choose whether Patchman should only detect malware, or also patch it automatically. To make sure Patchman only detects malware, select 'Detect only'.
After you've turned off this option Patchman will no longer automatically patch known vulnerabilities and malware. Patchman will still send notifications when it detects known vulnerabilities and malware.
Deactivating Patchman is not the same as cancelling Patchman.
If you only deactivate Patchman this service will remain available in your control panel. Patchman will still send notifications when it detects known vulnerabilities and malware and costs will continue to be charged for Patchman.
If you want to stop using Patchman entirely and no longer want to be charged for this service, it is important that you cancel Patchman.
How do I cancel Patchman?
You can cancel Patchman via your control panel. The exact steps for cancelling a service can be found here: "How do I cancel a service?".
If you cancel Patchman, all data that Patchman has received from you will be deleted and none of it will remain. This of course has no consequences for the files on your web hosting: they will remain exactly as they were before you cancelled Patchman.
Patchman detected vulnerabilities on my website. What should I do?
We will inform you in the notification email whether the vulnerabilities have been patched or whether you still need to take action yourself.
- If you use automatic patching, you only need to verify that your website still works properly.
- If you do not use automatic patching, then it is important that you solve the vulnerabilities or malware yourself, for example by updating your CMS and/or plugins to the latest version. In the email you can see which website it concerns and the location(s) of the unsafe file(s).
Does Patchman also work on a VPS?
At the moment Patchman is only offered on our web hosting services. Patchman is not offered on our VPS services as these are self-managed and on a VPS you have the freedom to install similar security programs yourself.
In this article we explained what Patchman is and how you can order, use and cancel this service for your web hosting.
In case you have any questions regarding this article, do not hesitate to contact our support department. You can reach them by using the 'Contact us' button at the bottom of this page.