Then you need client-side encryption. Everything server-side, you can’t really protect from the hosting company.
The thing is that the whole backup strategy with server-side encryption gets more complicated, meaning they restore encrypted data and that doesn’t mean that you can use them, e.g. the server-side encryption signs the encrypted file with data from data base. If the backup of database and data are not done at the same time, that restore won’t work (however there are ways around to ignore the signing status, this way you will lose the information if someone tempered your data).
You’ll find a few topics here and on github, just a short random selection: