Many webmasters are happy with their hosting providers … until their sites get hacked. This is when some of them may get frustrated with their hosts.
There may be numerous reasons for that:
Such frustrated webmasters regularly ask me to suggest a secure hosting provider so that they can move their sites and forget about security problems. However, as a security researcher I mainly have information about hosting companies that have all sorts of security issues and almost no information about companies that don’t have such problems.
It is not easy to tell whether specific hosting company is really good. You can’t trust all that they write on their web sites. You can’t trust positive user reviews – they may only reflect experience of webmasters who didn’t have security problems (either because they were lucky or just ignorant and didn’t notice them). You can’t rely on results of third-party tests — they only cover certain (not all) areas of server security. Moreover things change almost daily – hackers create new exploits, webmasters install new scripts, hosting providers hire new system administrators with different security practices and standards, etc.
So, since I don’t know how to reliably evaluate real level of security that hosting companies can provide, I decided to ask them. The idea is to find companies that emphasize security features of their hosting plans and let them explain why those features matter and how they can protect their clients’ sites.
With this post, I create a new blog category: Hosting+Security. Here I will post interviews with hosting providers and other stuff about how hosting companies deal with all sorts of security issues.
My goal is to provide you (webmasters) with the information that you won’t find on websites of hosting companies. I’ll try to ask questions based on the things I learned investigating dozens of real life hacker attacks and participating in thousands of security discussions in webmaster forums, on the things that I personally consider very important. And although I can’t guarantee that hosting companies will always provide frank and informative answers to my questions, I think it is worth trying. I’ll leave it up to you to decide whether their words and security practices resonate with you. And by the way, you’ll be able to ask your own questions in comments.
By the way, two interviews are already in the works, so stay tuned.
I realize that there may be many different approaches to secure hosting infrastructure and protect clients’ websites (hosted solutions with maximum restrictions, advanced malware and vulnerability scans, specialized hosting, cloud solutions, etc), so I’d like to hear from any company that wants to tell webmasters why and how they can provide a really secure hosting service for them. I’m especially interested in unique and innovative features and solutions that cannot be found anywhere else.
This Hosting+Security category is not limited to interviews. I will be happy to post your unique articles and case studies here if they provide useful information (not just marketing talk) about how hosting providers can prevent website hacks or at least efficiently detect them and quickly mitigate their negative effects.