Web Hosting Support Levels

Finding the right secure and reliable web hosting provider comes down to the support level. If you have been following the past Cyber Security Fundamentals post series, then you will want to be asking the same questions you asked yourself to them. Understanding what support they truly provide is key when it comes to your business presence.

  • Do they perform backups on your behalf?
  • Do they enforce secure plugins to be installed?
  • Do they ban software or plugins that are known to be harmful or malicious?
  • Do they enforce strong passwords?
  • Do they apply patches on your software to ensure a secure platform? Do they notify you before they do it?
  • Do they monitor your site and their infrastructure for security and performance issues? Do they tell you about them?
  • Do they have a status blog and communicate issues in a responsible manner? Or do they try to hide their issues?
  • Are they a reseller to another service provider? Some resellers provide real added value, but you will want to dig deeper to determine who actually does what and ensure it happens. You don’t want to end up in a situation where the provider was pointing at someone else down the chain and throwing their responsibility out the window.

In the end, all of these questions is trying to determine how intentional are they on helping you. Are they there to partner with you and support your business? By their actions are they secure and reliable? Sure you can do many of these things yourself, but if you are paying for support and management of your website, shouldn’t they have some responsibility over it as well?


Web Hosting Software

You will want to know what specific software is being ran on your server and ensure that it is running a stable version and not vulnerable to security vulnerabilities. Software is what exposes you to risk, but it is also what runs your business website! So you want to be intentional in what is being ran, and ensure that software and services that you are not using are turned off as there is no point in exposing yourself to potential risk if you don’t have to.

In order to find out what software you are using, your web hosting provider should be able to specifically tell you the software, versions, and configurations that are being used. If they are not able to do this, it would be another indicator that they are not on top of their game as a web hosting provider. Another method could be to perform or have a company perform a service enumeration and vulnerability scan against your server. This would definitively show what is being exposed to the public internet, and what security issues might reside from a network perspective.

Web Hosting Architecture

There are several factors at finding a secure and reliable web hosting provider, and it starts at the core infrastructure.

  • What architecture do they have in place for the web servers, database servers, dns servers, etc? Is it a redundant setup so if there is a denial of service attack or you get excessive traffic your site will still be online?
  • Is your website and database server hosted on the same machine? Will your whole site go down if one piece goes down for maintenance? It helps to have redundancy so that proper maintenance could be done in a secure and reliable manner.
  • What server providers do they use? Is it only one or do they have redundant links? (Are you seeing a theme yet?)
  • What performance metrics can be seen and can you determine their historical performance? Is it a stable provider or are they having trouble all the time?
  • Are they a reseller to another service provider? When it comes to architecture, you might have to dig deeper into the actual provider as the reseller might not know themselves, which is an indicator that they are not on top of their game.


Shared vs Dedicated Web Hosting

The next main decision point is likely if you want to have a account on a shared server or dedicated server. Shared means that other customers will have an account on the same server and dedicated means that you are the only customer on the server.

Most of the time, an account on a shared server will mean that you have more security risk. If an attacker broke into someone’s account on the same server you had an account on, your files and website could likely be exposed right away. You have no control over what other customers are on the same server as you, and therefor you don’t have the ability to limit the security posture of your website. This of course assumes that the server is not virtualized and partitioned off for each customer.

A dedicated server limits this risk because you will be the only customer on that server, so if there is a security issue it came from either a lack of support from the provider, from you. I tend to like dedicated servers because of the control and putting the security responsibility on you and the provider you select.

Managed vs Do It Yourself Web Hosting

This is probably the main decision question you have when finding a web hosting company. Do you want to manage the servers yourself or do you want to have a provider support you in those efforts?

My personal opinion is that there are so many aspects to having a secure and reliable web server, that you are better off having a solid reputable company do these tasks for you so that you can focus on your own business. The time involved to learn and implement properly a secure and reliable web server setup would probably take several person years of experience. So unless you have that skill as something you could leverage, why risk the time and uncertainty of proper implementation when you can rely on a trusted third party to do that for you?

All remaining web hosting posts will be from the perspective of finding a reliable web hosting company that manages the servers and your web presence in a secure and reliable manner.

What Should I Monitor on my System?

Hopefully I convinced you why you should monitor your system activity so the next question becomes, what should I monitor?

Here are a couple common areas to monitor regardless of system function. From webservers to desktops, this list can get you started:

  • What a user did on your system. If you have a system that have multiple users on it, they will likely fall into some sort of typical usage pattern. If it goes beyond that, then you might want to investigate the activity some more.
  • Identifying new files on your system. If you weren’t the one that created those files, then who did? Are those new files malicious at all?
  • Checking for indicators of compromise. Attackers use exploit toolkits and they typically have signatures that you can scan for to identify if you have already been hacked.