Menu

Daily Archives2013 December 03

Home

10 Tips in Using Hosting Service by Best Practice

It's easy to get your prefered hosting service nowadays because of the amount of providers. However, not everybody can use it properly even they have used the service many years. Based our editorial experience, almost every hosting service is different from each other. We have generated following 10 tips to help managing a healthy hosting account. It's extremely helpful for hosting novice who is not so familiar with the business.

Pay by paypal
It's highly suggested pay your hosting service via paypal instead other solutions like credit card. Why is that? Because in case you find the hosting is not what you needed, you can request money back easily. Especially when your hosting provider does not cooperate with the dispution, you can do chargeback request directly from paypal center.

Disable auto renewal
Many hosting service have auto renewal option turnned on after account setup. It's not good to clients because not everybody will use the service for more than one year. The trick is they provide us "regular price" other than promotional one from the first sign up. We might receive very good price for sign up but pay much more for renewal. The only way to save money is probably to renew several years. Hence, it's suggested to check if your account is set to auto renew after account setup.

free domain opportunityFree domain or not?
Yes, almost every hosting provider offer free domain opportunity. Should you take it? We suggest no. Using free domain option means your business is tied up to hosting company. Most hosting companies are actually domain reseller from certified registrars like Godaddy, Enom etc. Thus if you need to transfer out to other company, they can not handle it efficiently or even ignore your request sometimes. That's why we always suggest use domain and hosting from different providers to keep your properties in safe hands.

Dedicated ip or not?
Many providers highlight dedicated ip offers to attract visitors. Especially from old times when dedicatd IP was considered as great feature for SEO. But such advantage does not exist anymore today. Google has clarified this multiple times from official announcements. When do we need dedicated IP? Mostly when we operate an online cart that needs SSL protection. SSL installation requires a dedicated IP address to proceed.

Evaluate addon products carefully
It's easy to pick up a cheap and good hosting service, but it's not the end. Many hosting providers even those leading brands put advertisements in hosting control panel. They either provide this service directly or affiliate with third party providers. They always give good reasons to convince people to get registered. Once you get into such service, you may receive unlimited marketing emails.

account usage analyticsCheck account usage regularly
Every hosting service provides analyzing tools for account usage such as disk and traffic. This will help us understand how much we have used and how is our website performing. The traffic report will also tell us some unnatural visits like hacking attempts so we can apply necessary security reinforcement.

About shared SSL
Shared ssl is working the same as dedicated one. However, please keep in mind the secure url will be working on server address not our actual domain. For example https://serverid.servername.com. It's always provided free but may be not perfect choice if you're promoting a cart site. Your dedicated ssl will keep everything on your own site but not others.

About secure FTP
Secure ftp is highly suggested if you concern about account security a lot. You just need to make initial configuration then everything will be transfered via secure tunnel. Check with your hosting support if they support secure ftp or not.

hosting announcementPay attention to hosting announcement
Your hosting team will always send out newsletter every few periods. It's not all about marketing, sometimes they send out announcements for security fix on some popular website softwares. If you use such softwares, you should follow their guidance to upgrade its security. They also send out promotional offers for your account service sometimes that could save a lot such as for renewal. If you keep an eye on this, you're saving money with their service.

Don't use from pubic computer
It's not recommended to login your hosting from public computers because it will leave cookies. Especially for ftp connection, it will keep your connection once it's configured from softwares like filezilla, it brings big security issue by doing this. Unless you can clear out everything after use, it's never recommended to login your hosting service from pubic computers.

How to Secure Website Under Shared Hosting?

secure website under shared hosting

Shared hosting is the most popular choice by lots of people for its ease of use, low cost and rich features. Comparing to all other hosting solutions, we can put up website online in least time. However, because of the shared environment, there're hundreds or even thousands of other websites, security is a must concern. We have reviewed the top tactics for website protection under shared server and hopefully our readers will benefit from it.

Unlike VPS or dedicated server service, there're many uncertain factors for security setup. What we can do is to apply as much rules as we can to ensure the best security for our websites.

Use strong password

Strong password should be used for whatever online service. No matter for hosting control panel or website admin login, it's necessary to set a strong password and keep it at safe place. You might also consider to change passwords every few periods for best security. If you operate a business website, it's necessary to apply a fail try blocking so people who try to login via bad credentials will be blocked.

Use secure website software

Website script is core of security. No matter if you programmed by yourself or use any existing CMS, you should evaluate its security seriously. More and more people use cms softwares today thus it's crucial to use the right one. This includes two points – The software overall performance and your familiarity to it. Because many softwares are open sourced and everybody be able to view its source codes, you must find a reliable solution. Those leading softwares like joomla/drupal are supported and tested by thousands of users with frequent security fix. They're highly recommended if you like to use such solutions. Those less popular solutions should be avoid for business site creation since there's less support articles and you can't learn good experience from other users.

No matter what software you use, it's quite important to keep updated with the latest software release. Those vendors are always active in collecting customer feedbacks and do testing by theirselves to find security holes then apply hot fixes. Once there're enough bugs to fix and new features requirements, they will release new versions. Hence it's crucial to keep updated on your website for best security protection.

types of website hacking

Disable database remote access

Mysql database remote access is disabled by default in cpanel. Web masters always have to enable the connection for easy remote maintenance. But once you finished the work, you should disable this feature so no people can hack into your data easily.

Scan your files regularly

This includes both file permission and virus affections. Many security issues are produced by permission settings other than website itself. By default, all permissions are good enough in control panel because it's generated by optimized server settings. However, we always need to edit it sometimes. For example some app installations require full 777 permissions to proceed, but once installed, we don't have to keep everything under such permission so we must remember to reverse it back.

For other website volunabilities, we highly suggest use some reputable service like 6scan. Once we set the service, 6scan will frequently check your site and give out good reports for potential security issues. The best of the best is it will provide step by step fix. We personally received multiple warnings from 6scan service and applied several crucial fixes.

Use a good hosting provider

The most important part. No matter how you secure your website, if it's hosted on bad server with bad support, all your efforts worth nothing. A good web hosting service will save your half work in configuring a secure site. What's considered a good hosting regarding to security?

  • Leading server/network setup. Server hardware/software should be up to date and installed from reputable data center space. It's the best if hosting company manages their own data centers.
  • Good selling policy. No overselling can avoid lots of potential issues no matter for performance or security.
  • Ease of use. An ease of use service can simplify the process of securing account & fixing potential issues.

By following above rules we might have found it's not cheap to get such service. Price and quality are always on the same level. If we need high performance and quality security protection, those several bucks per year service should never be considered. Instead, a little more paying will actually save a lot in hosting a healthy site.

secure shared hosting