Archive

Important Facts About Web Server Security and Vulnerability Issues

The rise in hacking attacks on web servers is increasing and it is important that you understand a few basic facts about web servers and vulnerability security to ensure you protect your hard work from attack.

You’ve chosen your hosting provider, you’ve got the great idea for the website and started to build it but, there are things you need to be aware of concerning web server security issues. So take a few minutes to read this article on web server management and vulnerability security.

If you are developing the website yourself then it is essential that you understand the web server security issues associated with website development. The problem starts the moment you install a web server on your hosting provider account. This action opens a tunnel into your network for the whole world to look through and without vulnerability security you are dead in the water.

Although most people who visit your website are content to shop, a few will try to dig a little deeper into things you don’t want the general public to see on your website such as vulnerabilities, this is where vulnerability security comes in.

Of course you also have the main threat and that is the type of person who specifically wants to see the things they shouldn’t and will attempt to force there way in by any means available to them. The affects can range from the inconvenient, for example the discovery that your web site’s home page has been changed.

To the really damaging problem of theft of your customers personal data and your entire database, plus the inclusion of viruses and Trojans to spread to customers pcs the next time they visit your site. To stop this you must include vulnerability security in your system design.

It’s well known in website security forums that badly designed and updated software opens up possible security holes in your system, also that overly complex software also contains bugs that can be exploited. The problem is web servers are usually large and complex programs that can contain security flaws causing web server security issues and that’s why It’s so important to understand web server management.

CGI scripts can be executed via remote request due to the open architecture of web servers. There is a good chance that any of the CGI scripts installed on your web site could contain bugs or flaws and could be a potential security hole and this is not the problem of your hosting provider.

The general goal for all web developers in relation to web server management and vulnerability security concerning network security of their web servers is to keep the bad guys out and control their database and website. The irony is that the whole idea of a website is to provide the world with access to certain parts of your database and network. A badly configured and maintained website and web server can result in large holes in the most carefully designed firewall. Yet over eager controls can make the website hard to use and not customer friendly.

There is a general opinion by most web users that surfing the web from their home is safe but it is not. Web pages contain such things as active content like ActiveX controls and Java applets. These can introduce the possibility of viruses or other malicious code or software into the user’s system when they are browsing without their knowledge.

Active content can also cause major problems if not controlled properly. ActiveX is not the only problem the mere act of browsing the internet leaves a record of your surfing history for an unscrupulous person to reconstruct an accurate picture of your surfing tastes and habits.

Also the users and web developers implementing web server management need to worry about the lack of confidentiality of the transmitted data across the internet. The protocol (TCP/IP) was not designed to ensure security and so is vulnerable to eavesdropping over the network. Most of the data transmitted over TCP/IP is in the clear.

When a sensitive document is transmitted from the website server to the internet browser or a customer sends their private or personal home banking details to a website someone may be eavesdropping on that transmission.

To help you ensure that you are not taking unnecessary risks with your service and customer data remember these simple tips:

Remove unnecessary services like interpreters – If you don’t need services such as FTP (File Transfer Protocol) remove it. FTP is a protocol that comes with your website server and could be used by hackers. Spend some time analyzing your scripting languages and remove any that are not required for the website.

Make sure you enroll in the security list for your server vendor – You don’t necessarily have to join up with them but you must at least monitor their website on a regular basis for any new patches and make sure you apply them straight away. Also make sure you checkout your operating system for updates and patches as well.

Use strong passwords – Try to avoid easy to guess passwords and use alpha-numeric, this means adding numbers, symbols and capitals to make guessing and cracking much harder. But don’t make the password policy so strict that it makes remembering your password to hard. Make sure you always change the default password and remove unused accounts.

Monitor your server logs – All request and activity on your web server is tracked so review the logs regularly for signs of suspicious behavior.

Segregate you Data – Separate any private customer information from publicly available data by storing them on different machines if you can.

Learn how to configure your server properly – It’s important than you understand the basics about configuring servers so try to limit the executable files to your specific directories and make sure that the source coding cannot be downloaded.

Automatic directory indexing is another service you can disable if you don’t need it. Any automated security tools you can run that are supplied or provided by your OS or web server vendor. Some examples of such tools include Microsoft IIS Lockdown Tool. This will help to identify potential weak spots in your settings.

Check programs for security holes. An area that is particularly prone to security breaches is CGI scripts on web servers especially if the scripts do not validate the user supplied data before trying to accessing operating-system services or system files.

Source by Brian Harrison

What’s Behind Game Server Hosting – History and Growth of Game Servers

If like me, you have ever wondered whats behind the game servers you play on and how they truly work you may find this informational article very interesting. In this first part article I will tell you how game server hosting came about and what it took to get the online gaming world running.

The history of dedicated game server hosting:

Dedicated game server hosting is where it all began for online gaming as back when the first online gamers started out the only way to play over the Internet was by hosting their games on their own machines (a standard home PC).

All the gamer had to do was buy his/her game and create a server which would be hosted and played from home, this was often done simultaneously on the users home PC under a dedicated server application similar to to days dedicated server option included with most games such as Counter Strike Source. Due to the low speeds and specs of home computers back in these times the gamers machine would often be put under enormous stress and would only offer the gamers’ a low dismal server performance and game play.

Even when Internet providers offered a higher connection such as faster broadband and more bandwidth to help them keep up with the server load, the data that needed to be computed was still to much for most home computer systems to handle themselves. Back in these early stages of online gaming home computers simply did not have the power to process such high speed and detailed data needed for high end online gaming and dedicated hosting side-by-side. Factors such as 3D graphics, game physics and network data sorting and distribution that was needed to be sent to each player connecting to the game server simply could not be done in the high standards needed for good online gaming.

The dedicated servers:

The dedicated server application is what was used on the servers (hosted from a players home PC), this application was specifically made for the job of hosting servers from a gamers home PC, this would work by collecting and distributing data from each player that’s connected to the server, this would then be sent on to all the other players on that one game server showing all the players the same images.

The stand alone dedicated server is a whole machine which is used only to host a game server and is not played on by anyone. A separate dedicated server is a much more efficient and effective solution then using a peer-to-peer arrangement such as the home dedicated server which you would host and play the game server your own PC.

Unlike many gamers a server host will know every aspect of a game servers inners such as how it runs and works including both the servers software within and its operating system (OS) and the hardware which is powering the dedicated machine.

The growth of game servers:

In the growth of online gaming gamers had to start looking for better solutions to their server dilemmas, this was mainly because LAN events, Leagues and gaming teams started to form, these online gaming teams consisted of players world wide. Faster and more reliable hosting solutions were looked for to give more power and smoother game play. The game hosting solutions needed to offer them true performance with low ping (latency return) in tens of milliseconds rather then the hundreds or thousands that home computers gave. This was a very large need due to the size that online game servers could be run at (players of up to 20). Now the number of players that can join a single online game server has gone up to 30, 40 and even 60, these numbers are still growing to this day and probably will continue to do so for many years to come thanks to the minds of online game designers.

Dedicated Game Server Solutions:

Using a professional server was the obvious solution. These servers were designed specifically for reading the data and transmitting vast amounts of it faster for the players to play without loss in performance. Game hosting companies purchased rack servers and co-located them in data centers around the world to host online games on. Prices for this sort of luxury were very high to start of ($300 – $800 or £150 – £400 a month, some times even more depending on the server specifications). Prices have been able to drop dramatically due to the huge success in multi player online gaming increasing 1000 fold within a few years.

Source by Nathaniel Bailey

How Does WordPress Work?

WordPress for an Easy Website

Chances are that you have already heard of WordPress. But what is WordPress? Simply put, WordPress is web software that you can use to create your own website or blog. Since it was released in 2003, WordPress has become one of the most popular web publishing platforms, and today it powers more than 70 million websites. Because it is built on industry standard php and mySQL, the WordPress hosting platform can run on just about any modern server.

But what many people do not realize, WordPress is not just a blogging tool. It is also a highly flexible content management system CMS which gives you the opportunity to build and manage your own full features website using only your web browser. Best of all, it is completely free. It is constantly improving and evolving. That’s because WordPress is an open-source project which means that hundreds of volunteers from all around the world are constantly creating and improving the code for WordPress software. And there are thousands of plug-in, widgets, and themes that enable you to build a completely custom website for just about anything that you can imagine.

How does WordPress work?

Since the early days of the Internet, websites have been created in HTML, a programming language that utilizes complex instructions called tags to format text, images, page-layouts and so on. Your web browser then reads the HTML code interpreting the tags to render and display the content of a particular page. These days, you can install WordPress on your own web hosting account in a few minutes. And once installed, it enables you to use a simple, web-based editor to create web pages without having to learn HTML. There is even a hosted version at WordPress.com, that allows you to create a new WordPress website in just a few seconds. The down-side to this method is that you do not have your own domain name, but instead you are using a sub-domain. Most Internet professionals agree that registering and building upon your own domain name and website is more valuable in the long run than spending the same amount of time to build a website using someone else’s domain name. This is why it is recommended that you get a shared web hosting account and install WordPress on your hosting account. Many shared hosting accounts include an easy click-to-install feature that makes installing WordPress on your own hosting account using your own domain name a snap.

  • johnday.WordPress.com
  • johnday.com

With your own domain name and your own web hosting account with WordPress installed, you are in control of your own content and your own website.

WordPress is a great choice for your website or blog:

  1. It’s open source, which also means it is free for commercial or private use. Hundreds of people working on it, WordPress is constantly improving and evolving.
  2. It is user-friendly. Rather than having to hire a web designer or contact your webmaster when every you want to make a small change to your website, you can easily manage and update your own content all without having to learn HTML. If you know how to use the basic formatting tools in Microsoft Word, you can edit your site.
  3. It’s flexible and extensible. There are literally thousands of plug-ins and themes, both commercial and free that enable you to easily change the entire look of your website or blog or even add new features like polls or contact forms with just a few clicks.
  4. It is easy to find support. So if you want to add highly customized features, its easy to find support or hire someone to help you. The official WordPress forum that is very helpful to find answers to all your WordPress questions. Other support options include the WordPress Stack Exchange or WP Questions that offer answers to your questions. There are thousands of developers who can help you as well.
  5. WordPress is SEO friendly. WordPress is standards compliant and includes everything you need to ensure that your content is optimized for search engines which is critical to your websites’ success and visibility in search engines. In short, WordPress is made to do SEO well.
    • Fully compliant with W3C standards
    • Built in support for RSS and Ping-O-Matic
    • Clean, search engine friendly code
  6. You will be in control of your own content. Some other publishing platforms limit what you can or can not do on your own website. And your locked into that service, so if it ever shuts down you could easily lose all your content. With WordPress you can import your data from other systems like blogger or tumbler. And you can easily export your data to move away from WordPress, should you choose. You are in control of your website and your content.

Design a website with WordPress and a Web Hosting account:

The following steps outline the process you will go through when setting up a WordPress website on your web hosting account.

  1. Buy domain name and web hosting
  2. Install WordPress from cPanel
  3. Change settings and permalinks structure
  4. Add essential plug-ins
    • Better WP Security – secure your WordPress website
    • WP Super Cache – speed up and improve the performance of your site
    • WordPress SEO by Yoast/All in One SEO Pack -optimize your site’s posts and pages for search engines
    • Contact form – add a simple contact form to a page on your website
    • Google XML sitemaps – create and submit your XML sitemap to Google for better indexing
  5. Install theme
  6. Add content

Web hosting account and WordPress

WordPress allows you to focus on your content – as opposed to countless hours of working the design and workflow – you will more likely than not enjoy running your site on this CMS. So if you are looking for an easy tool to build your own blog or website without having to learn complicated HTML, no other system makes it this easy. And you will find that WordPress is incredibly flexible with thousands of themes, plug-ins and support options to ensure that your site will continue to grow with you in the future. Most web hosting comes with WordPress ready to install with just a few clicks and the support staff at your web host are most likely very familiar with WordPress for your assistance.

Source by Stephanie Rosendahl

How to Gauge the Health of Your Website Before Disaster Strikes

Today’s message is a friendly reminder that the Internet is one of the most dynamic places in the world. Yes, we may realize millions of people make legitimate searches on it every second of every day, but it’s easy to forget unscrupulous individuals and their malware are right beside them in significant numbers, too.

Keeping your website healthy and secure are the most essential maintenance and marketing issues in 2019, and a little preventive maintenance is worth a pound of cure.

Clients who come to me with a broken website, or a site that has poor performance, are often surprised to learn that…

  • their website has been hacked or compromised in some way
  • a lack of web server maintenance exposes security vulnerabilities
  • web server updates often break site plugins creating an increase in security vulnerabilities and performance issues
  • web server firewall setup and updates have been neglected, meaning your website is now exposed to vulnerabilities and direct attacks
  • improper installation and configuration of the web server have made the site vulnerable to malware and direct attacks.

There are a variety of professional tools web developers use to measure the specific health of your website. For website owners, one of the more popular tools for a quick overview is provided by HubSpot. Their Website Grader provides useful insight as to where improvements can be made concerning your website’s health in general.

While you are checking your website for security vulnerabilities and performance issues, take a few extra minutes and put your marketing hat on to ask yourself this question: What is my website’s search ranking? Besides being essential for obvious reasons, you may not realize that your website’s search ranking is partly formulated by certain factors that are directly related to its overall health-so they are inextricably intertwined. To review one without the other can quickly lead to a misdiagnosis of your website’s overall health.

Search ranking is the best indicator of your site’s visibility on given search terms and phrases that match your products and services. It’s not difficult to learn if you have the right tool, and this tool is a free service we offer to all website owners whether you’re a customer or not.

For sure, your website’s search ranking is a very complex and dynamic process. Since Google has at least 80% of the search market in North America, we are most concerned with the Google ranking number, which is based on over 200 factors! It’s the best way to know the probability that your website will be visible to any number of related searches. And since your website ranking is dynamically factored, your ranking at a given moment is a snapshot according to present conditions. A high search ranking is the Holy Grail of search engine optimization (SEO).

If your search rank is not where you want to be according to your SEO Score Card, no worries. Even if you are graded low for given keywords (<70), my SEO experts can help improve your ranking month-by-month.

As previously mentioned, some of the more weighted SEO factors are related to your website’s performance, responsiveness, and security. Here’s how it’s related.

For example, an experienced web developer can analyze and mitigate any performance and security issues related to,

  • Un-optimized programming
  • Un-optimized page responsiveness (viewability on mobile devices)
  • SPAM hacks
  • Slow host server
  • Host server too far away (slow page loads)
  • Improperly sized image files
  • Too many unnecessary plugins
  • Outdated plugins
  • Unnecessary redirects
  • Outdated CMS
  • … and, we’re just getting started!

If any of the mentioned reports or information provide you with motivation to improve your website ranking (SEO), performance, and/or security, please contact me for a no-obligation consultation. I’m here to help you take advantage of business opportunities by utilizing the best and most affordable website design techniques along with expert-level services in Kansas City and beyond!

Source by David Little

Cloud Computing: The Ins and Outs

Cloud computing has gained significant popularity over the past few years because of its self service capacity, flexibility, affordability, scalability and its pay as you go service model. You may have also heard cloud computing referred to as the cloud, cloud hosting, cloud server hosting and etc. These terms have been thrown around so much and most do not even know exactly what it means. So what is cloud computing?

Cloud computing is unlike traditional hosting alternatives that use a single dedicated server, as cloud computing uses virtualization technology to pool or share resources from an underlying network of physical servers. In other words, a group of physical servers acts like one big server to bring you the resources that you need on demand. Cloud computing delivers shared computing resources, data or software through the Internet; which is the most common way of accessing the cloud. However, intranets and dedicated networks are also used too. Resources provided by the cloud include: networks, servers, storage, platforms, applications and other services. And these resources are shared between people and organizations, and accessed by applications or users.

The Five Main Characteristic of Cloud Computing

In cloud computing, there are five fundamental characteristics that differentiate it from traditional hosting alternatives, including rapid elasticity, broad network access, on-demand self-service, resource pooling, and measured service.

· On-Demand Self-Service

With cloud computing’s on demand self service, you are able to access email, applications, network or server services without human interaction. Simply set up an account with the seller, create billing and security credentials, and select the cloud computing resources that you will need. Generally this is all done by utilizing a user friendly and easily accessible web-based self-service portal.

· Broad Network Access

Cloud computing services are available over a network, either over a dedicated network, the Internet or the Intranet. These services can be accessed by anyone, anywhere, anytime on any device or workstation, with the right credentials of course.

· Resource Pooling

Cloud computing provides multiple customers the same physical resources, however, with a a separate environment for each client. And the resources from these physical servers can be pooled from various servers, in various data centers, in various locations. And if a server in your network goes offline, then your virtual server will pool resources from another server in your physical network. Even if an entire data center in your network is down, then your resources are pooled from various data centers in various locations. This structure allows for decreased risk in the instance of failure.

· Rapid Elasticity

Perhaps one of the essential benefits of cloud computing is the flexibility that it provides to users, as cloud resources can be rapidly and elastically supplied to quickly scale out and in to meet demand. In other words, you get the resources that you need when you need them.

· Measured Service

Cloud computing leverages metering capabilities to measure your usage of resources, allowing you to only pay for what you are using. In other words, just like a utility bill you will only be charged for what you use, nothing more nothing less.

The 3 Main Cloud Computing Service Models

In cloud computing, there are three main service models. They are Software as a Service (SaaS), Infrastructure as a Service (IaaS) and Platform as a Service (PaaS).

· Software as a Service (SaaS) is the most extensively used cloud computing service model. SaaS allows developers and organizations to utilize business specific applications developed by third parties. In a SaaS model the vendor hosts both the application and the data, and the end user is free to use the services from anywhere. SaaS is not your average on premise software, as it is deployed over a network, generally the web, accessible via browser or program interface. Services can be anything from email to inventory control to database processing. Some examples include: Salesforce.com, Zoho, and Netsuite. The service level coverage provided includes: application uptime and performance.

· Platform as a Service (PaaS) is a type of cloud computing that provides users with software development tools that are hosted on a cloud provider’s infrastructure. In a PaaS environment, developers can leverage the resources of a cloud provider to create and host applications on their platforms over the Internet. The greatest benefit derived from PaaS is that users can run existing or develop new applications without being concerned about the maintenance of server hardware, operating systems, load balancing or computing capacity. In other words, you can unload the responsibility of owning, managing, and operating systems software and hardware to your service provider. The types of services provided can be anything from RunTime scenario, cloud storage, integration and etc. Some examples of PaaS are Google App Engine, Windows Azure and Force.com. The service level coverage provided includes: environment availability, environment performance and no application coverage.

· Infrastructure as a Service (IaaS) is a form of cloud computing that provides users with networks, storage, virtualized servers and systems software that give you all the functionalities of an entire data center. In other words, you are able to use computers that your service provider owns, manages and operates. Resources should encompass servers, storage, vendor managed network and virtualization layers so that your network architect is able to run your application and data. All the while, you will have control over operating systems and deployed applications. Types of services provided: cloud storage and virtual server. Some examples: Amazon Web Services, RackSpace Cloud and Go Grid. The service level coverage provided includes: virtual server availability, time to provision and no platform or application coverage.

The Three Major Cloud Solutions

There are many types of cloud strategies to employ. There are three main types of cloud solutions, including: public, private and hybrid cloud solutions.

· Public Cloud

When people think of the term cloud, more often than not they are referring to the public cloud. A public cloud solution is shared by thousands of customers worldwide and is available to anyone on the Internet. This is the easiest and most cost effective cloud strategy to employ. However, because you share the cloud with the public, you do not want to keep sensitive information here.

· Private Cloud

When your organization has sensitive data, privacy fears are a leading issue. This is where a private cloud will come into use. A private cloud is either a proprietary network or a data center that provides hosted services to just a single customer. In a private cloud setup, you must either lease or supply the hardware that will be used. Not to mention you can either manage some or all of your IT resources in-house or managed externally. For businesses that are in highly regulated industries where security is paramount, a private cloud solution is the only alternative. The benefits of a private cloud solution include: no restrictions of network bandwidth, security vulnerabilities, and legal concerns that utilizing a public cloud might encompass. It can also have improved security, accountability, and resiliency than a public cloud because use can be contained and managed. Some disadvantages are that a large capital investment is required, time to market can average 6-36 months to establish and the learning curve is great.

· Hybrid Cloud

A hybrid cloud is a combination of a public and a private cloud and is considered to be the best of both worlds. A hybrid cloud solution allows you to keep all of your secure data in a private cloud setting, while getting high usability of mobile and web based access to corporate applications. In most cases, a hybrid cloud solution that combines the advantages of both private and public clouds works rather well for a bulk of businesses. Some advantages of a hybrid cloud solution include: no vendor lock in, minimizes the risk of data loss and/or downtime, save the extra cost of purchasing exclusive server hardware and get fairly reliable connectivity, even in case of outages. One major disadvantage is that a hybrid cloud solution is very expensive.

Source by Akshay Pareek

How to Choose a Web Host – Web Hosting Guide

Choosing the right Web Host matters

Whether you’re putting up a personal website or a commercial one, you should choose your web hosting provider wisely. The reason is that you will most definitely want your website to be seen by the largest number of people. To do that it is essential to take a little time to go over certain basic but very important factors that will ensure more visibility for your site.

Points to consider when choosing web hosting

There are so many web hosting providers and packages on offer today. Each one of them have their own unique advantages and weaknesses. So how would one decide which one to choose?

Even after you zone in on a particular provider, you still need to choose the hosting package that will suit you. Every web hosting site offer many different types of packages to choose from. The most popular type is the ‘Unlimited Bandwidth’ package.

The following points should make your task of choosing web hosting simpler for you.

1. Server Uptime & Customer Support:

The most basic thing for a website to be found on the internet depends on whether the server where the files are stored is online i.e. up and running at any given time. This is called Server Uptime.You will find that most of the web hosting providers will claim a 99.99% server uptime. Some even claimed 100%.

If you have time, search for comments by users of the provider on internet forums or elsewhere online. Or go for the larger more established hosting companies who have built a trusted reputation. Most good hosting companies have multiple server data and power backups. A few also promised 100% and they do that by guaranteeing refund of fees in the eventuality that any downtime might happen.

Another very important feature of a good web hosting is Customer Support. They should provide customers with 24/7 phone and internet support. They should have a good collection of tutorials and FAQs readily on their site in case you might need help. Make no mistake, you will contact your hosting support more often than you think, especially if you are serious about your website.

2. Pricing & included features

The range of pricing and features included in web hosting packages are pretty wide. You will want a fair balance of features and quality that will suit your needs. As with any other product, cheap usually gets less quality. On the other hand some pricing can be exorbitant without any special value.

The prices of hosting packages are usually dependent on the set of features included. These includes data storage and bandwidth limits, number of allowed addon domains and subdomains, number of email and ftp accounts hosted, shared or virtual or dedicated server plans, programming languages and databases, site tools, shopping cart etc, and the list goes on. One can be easily confused with these numerous choices more so if you are not familiar with them. Don’t worry, we will cover the essential ones in the next paras.

Pricing for a fair value shared hosting packages usually starts around 6-8 US$ per month. Virtual Private/Dedicated Server around US$ 30-50 pm and Dedicated Servers at US$ 60-80 pm.

Pricing tip: If you have not acquired a domain name or want to add another, then some packages include free domain with hosting. They can be a good bargain.

3. Data Storage and Bandwidth limits

If you are new to putting up websites, you might have very little idea about how much data storage space and bandwidth your site will need. First off, don’t worry too much about this. Even the most professional people will tell you that themselves. Because your needs will grow as the number of visitors to your website increases, you will know all about it as you go along.

Data Storage Space: Unless you intend to host lots of video/movie clips or a gigantic amount of big resolution pictures, most hosting packages will do. Normal websites rarely occupy beyond 40-50 MB (megabytes of storage space). The basic shared hosting package for the top registrar costing $4.99 pm includes 10 GB(1000 MB) of storage space.

Bandwidth Limits: Bandwidth limit is the amount of data transfers your hosting permits per month. This depends on how much visitors your site has and the type of files you serve i.e. basic web pages, pictures or video clips etc. Here too, not that much to worry about for normal websites. Most hosting providers will offer “Unlimited Bandwidth” even on their value shared hosting packages.

One word of caution though for those intending to host video/movie clips or high resolution pictures. Do not be fooled by Unlimited Bandwidth Shared Hosting packages. If you go through the “Terms of Use” and “Common Usage Policy” for most shared hosting packages, they will undoubtedly have a section where it says that you are not permitted or will be charged extra for “abnormally high data bandwidth usage”. Advice is you will probably be better off choosing VPS or dedicated server or Cloud hosting or high bandwidth packages.

4. Shared Hosting vs Virtual Private Server vs Dedicated Server vs Cloud Hosting

How to choose between these types of hosting? Putting it simply, you should choose by how busy or popular you think your site will be viz Shared – VPS – Dedicated – Cloud, in that order.

Shared Hosting: Majority of websites on the internet are on Shared hosting. It is good for personal and small websites. They are the most economical of hosting packages. In shared hosting, a number of hosting accounts usually 10-100 are hosted on a single physical server. They share the same server storage and broadband connection.

Shared hosting is particularly recommended for starters and small to medium personal and commercial websites that do not host picture/movie/video downloads.They can cost between $5-$15 per month.

Virtual Private Servers: This type of hosting is usually used by medium websites with medium storage and bandwidth requirements. Virtual Private Servers are hosted on unique ip addresses (eg. 192.170.1.8) and are virtually like a dedicated physical stand-alone server, but with less cost than a physical dedicated server. The way it works is that multiple accounts say 3-10 are hosted on a single physical server, each accounts having it’s own unique host id or ip address, data storage and bandwidth separated from each other by software.

VPS hosting can cost between $30 to $150 per month depending on the features for a 1 year contract. Note: All hosting packages price decrease as you increase the number of years of contract.

Dedicated Server: They are usually used by the medium to big websites who need storage and bandwidth scalable to their requirements. They are hosted on separate physical servers. In other words they have a server rented out to them. They have full control over the server with its own unique address, hard disk, ram and bandwidth.

The price of renting a dedicated server depends on the physical components of the server, the hard disk capacity, the processor version, the amount of ram and the broadband connection. Prices can vary between $65 to $200 and beyond per month.

Cloud Hosting: A relatively new thing in the world of web hosting, Cloud hosting is the next generation type of hosting. Instead of having one physical server, cloud hosting uses several servers located in different locations connected to each other.

The main advantages of cloud hosting is the scalability factor and cost efficiency. For big websites there is big benefits. As a website grows larger than its current capability, all they need to do is add another server to join the networked group of servers.

Cloud hosting packages can be priced anywhere from $100 to $550 and beyond depending on the storage and bandwidth requirements.

5. Addon Domains & Sub Domains

Addon Domains are the domain names i.e. websites eg. “http://www.yoursite1.com”, “http://www.yoursite2.com” that you want to host with your hosting provider. If you intend to host more than one website, you need to choose the package that allows it. Most of the cheapest web hosting packages will allow only one website.

Sub Domains: They are the different directories that you may want to create eg. “http://directory1.yoursite.com” or “http://directory2.yoursite.com”. The number of Sub Domains allowed may be different on different packages. Do not confuse this with folders eg. “http://www.yoursite.com/folder1” or “http://www.yoursite.com/folder2”. There is no limit on folders.

6. Email and FTP accounts

Email Accounts: These are unique email accounts for your website/s eg. “name@yoursite.com”. You can set these up and give it to anyone, your friends, visitors, customers. No worries here cause most of the hosting packages will give you plenty.

FTP Accounts: FTP stands for “File Transfer Protocol”. FTP accounts are used to access your hosting files from web softwares. They are of tremendous help to web masters in that they allow you to update, delete or create new files and folders in your host directly from web design software and ftp softwares. No worries here too as most packages will give you more than 10 accounts. You can allocate this to your designers and co workers as you like.

7. Programming Languages & Databases

Frontpage Server Extension, PHP5, Custom PHP.ini, Perl w/FASTCGI, Python CGI, Java, Ruby CGI, Ruby on Rails w/FASTCGI, ColdFusion, MySQL(Unix), MsAccess, MySQL(Win) etc.

These are programming softwares and databases used by your hosting server. They are used for the more advanced web features like automated content management, user management, running scripts and programs etc. If you don’t understand them, you don’t need to. Because most of the package include the popular languages and databases that you might need when you want to use them.

8. Content Management, Blogs, Forums: Drupal, Joomla, Mambo, Nucleas, Moodle, WordPress, Geeklog, Lifetype, Serendipity, phpBB, SMF, Vanilla Forum etc.

These are ready made tools for setting up blogs, forums and content management to enhance websites. Most packages have enough choices here too.

9. Website Tools, Marketing Tools, Shopping Cart Website Tools: Website Builder, Web Analytics Tools, FrontPage Extensions, Google Custom Search, Google Webmaster Tools etc.

These are basic tools that helps in building websites, gauging website popularity and statistics and site enhancements included in most hosting packages.

Marketing Tools: Google AdWords Credit – $50, Yahoo! Search Marketing Credit – $25, Facebook Ads Credit – $50 etc.

These are ad credits for advertising your website. They are great bargains if it is included.

Shopping Cart – For those wishing to sell products online this tool is quite important. Most packages include them.

10. Web hosting tips for good SEO

One of the things that improves Search Engine Optimization (SEO) and should be considered when choosing a web host is the location of the server. Experience shows that search engines favor locally hosted websites when search is made. Big search engines like Google are known to give preference to locally hosted sites. This means that to rank higher in, for eg., UK, it helps to have a web hosting server that is located within the UK. Another thing that also is known to help SEO in local search rankings is regional TLDs or domain names. So for UK, the domains.co.uk or.org.uk are given preference.

Another point to note is that shared hosting can hurt your website’s SEO rankings. Experts believe that if you have a site which shares the same server and ip address as a Google penalized site, your site also suffers as a result. The obvious way to avoid this is to host your site or sites on a separate ip address which will mean a dedicated server of a Virtual Private Server.

Source by Kay Tata

Hotel Website Security & Hacker Proofing

The Internet is an incredible tool that enables us to communicate with individuals from across the globe, research all sort of information and even shop. In the past few years, booking hotel accommodation online has become popular due to the internet’s convenience i.e. it is an extremely effective way to search for hotel accommodation, compare packages and rates of different hotels and finally, to actually book hotel accommodation. Unfortunately, with the good comes the bad. If the internet expanded the hotel’s market reach to include global travelers then hackers (criminals), use the internet to gain unauthorized access to your computer and commit fraud and damage your earning potential and hotel reputation.

As an hotelier with a hotel website, you accept reservations and collect payments directly online, and the continuity of your business depends upon your ability to keep your guest’s personal and credit card information safe. To prevent hackers from breaking into your computer systems, you need to install a firewall, ensure sensitive information is encrypted and maintain proper

security (restrict access with passwords) in the office. You can achieve this by taking the following steps:

1.Data Encryption: Use Secure Sockets Layer certifications to secure your guest’s information. A SSL certificate encrypts personal data and lessens the risk of having your private data intercepted by third parties. This will help reassure guests of the safety of their credit card information.

2.Firewalls: Credit card details can be safely sent with SSL, but once stored on the server they are vulnerable to outsiders hacking into the server and accompanying network. A firewall (software or hardware) can protect the server and network from attack by viruses and hackers. So, in addition to signing up for a SSL certification, you need to install a firewall to secure all data stored on your server.

3.Security Protocols: Implement security protocols such as MasterCard Secure Code and Verified by Visa to provide stronger identification for online payments and enhance security for card transactions over the internet.

4.PCI Compliance: The latest security measure is Payment Card Industry Data Security Compliance Certification. By implementing PCI DSS version 1.1, set of comprehensive requirements, you enhance the payment account data security.

To summarize, hackers are a threat to business and you need to take appropriate steps to prevent hackers ruining your hotel’s brand name and image. By implementing the steps listed above, you can prevent your business from becoming a target of hackers.

Source by Gardner Wilkinson

Free Web Hosting Sites For Your Business

For a first-time user, paid web hosting may seem unnecessary when a simple internet search pulls up free hosting alternatives running into the 1000s. Of course if you look deeper into the offers, then obvious differences appear: free web hosting comes at a price (pun intended) in that disk space, bandwidth and services will be less than paid for sites, and often advertising (which is how the service can be offered free) may seem out of place, or worse still, over the top.

For the professional or business website, paying a nominal monthly or annual charge through hosting companies (a lot of whom offer free trial periods, or upgrades from free service start-ups) will be the way to go. In the following list of hosts, many offer a “try before you buy” business plan, and this is a good reason to use a free hosting service in the short-term.

But for individuals, or small businesses or groups that do not have a problem with advertising and only need a limited number of website options, then free (and limited) web hosting is a suitable choice.

Please Note:

Do always read the Terms and FAQs: offers and services can alter at the stroke of a keyboard button!

Bandwidth is used each time a visitor views your site’s content: a 1 MB file uses 1 MB of bandwidth each time the file is viewed.

Web Storage/Web Space/Online Disk Space is just like your own computer’s hard drive: there’s only so much space. More space means more room for site content like pictures, videos, and documents.



10 Web Hosts with Free Services

Yola

Offering website hosting and design with a WYSIWYG (What You See Is What You Get) tool, as well as controlled advertising, Yola makes website creation simple. Small business and solo users will be able to build on their original sites with paid-for add-ons when the situation arises, and new web users have a library of free designs to choose from, as well as paid-for premium themes. A good starter choice for new starters, especially with the options for growth.

Webs

Yes, that’s their name (perhaps “Internets” was taken?). With a point-and-click (WYSIWIG again!) site builder, this web host and design site offers plenty to the most un-technical among us. They offer a Mobile Website App to give people visiting your site from a Smartphone a mobile-friendly experience. Services include domain name – and the option to transfer, email, 40 MB Web Space and 100 MB Bandwidth on their free option.

www.gbbo.co.uk (Getting British Business Online)

Getting British Business Online is a joint initiative from Google, Enterprise UK, BT, e-skills UK and many other partners to help small businesses create their first website and understand the opportunities offered by the Internet. Their website proudly proclaims that users can create a website for their business in 20 minutes. A WYSIWYG tool means, like many other free hosting sites, technical knowledge of the web is not needed. As well as the customisable website, users will receive a.co.uk address, regular updates, and a business email.

FreeServers

With over 4 million websites under their belt, this web hosting provider has the age and experience that means a lot of the kinks of web hosting services have been ironed out. With similarities to 50megs (see below), this established service offers 50MB Web Space and 1 GB Monthly bandwidth, and is supported by (some may say heavy) advertising.

FreeHostia

From their busy (and pretty) website, this web hosting company offers a free service with 250 MB Web Space, 6 GB Monthly Bandwidth and 3 emails. Offering both Joomla and WordPress templates for the blogging side of your site, this service has one-click set-up, 24/7 Customer Support, and is bannerless – good news if you don’t like advertisements.

FortuneCity

Like many other hosts on the list, FortuneCity has a free service that will be enough for some users, and an affordable option that would do for most. The free service has 1 GB Web Space and Unlimited Monthly bandwidth, as well as their own blogging tool. Having been around since 1997, they are well-used, well-tested, and well-known, and upgrading to their Affordable package means users may cut out advertising.

Bravenet

Ad-supported free hosting, and plenty of scope with premium paid-for packages, this Web Host offers multi-domain hosting, 5 MB Web Space and 1.5 GB Monthly Bandwidth. Bravenet has a number of options available if the free service satisfies but you still want more, and is a well-known name in the industry.

AwardSpace

Offering a free service with 250 MB Web Space and 5 GB Monthly bandwidth, this free web host has some impressive numbers. They are also upfront about the limitations of their free service, which includes a limit on outgoing emails, file sizes, and no site builder. However, for the smaller website this host is an excellent option.

Agility Hoster

A free web hosting service, with the option to upgrade to paid personal or business plans, which is another good example of a suitable candidate for polished personal websites and small businesses. Their service includes two domains, 200 MB Web Space and 5 GB Monthly bandwidth, numbers that are not uncommon on paid hosting sites.

50megs

There may be a lot of ad placement at 50megs, but that hasn’t stopped the web hosting company offering its services since 1995, and they have had plenty of satisfied customers! As well as their own website templates, users can copy pre-existing sites over to the service. Anyone doing a web search (and others have commented, too) will notice that 50megs and FreeServers both have websites and services that are (ahem!) alike… with 50MB Web Space and 1 GB Monthly bandwidth.

Source by Esther Rosie

WordPress Security Tips and Hack Defense

From WordPress core, theme and plugin safety, to user name and password best practices and database backups.

Other topics to consider include:

  • layered security measures like using the .htaccess file to enable or disable features
  • limiting file permissions
  • black listing and white listing IPs
  • disable file editing
  • using HTTPS

WordPress Security

If you run a large commerce site and it gets hacked, you can lose valuable customers and of course, money. Web hosts are likely to suspend accounts that are hacked taking your site offline. You don’t want to waste your time patching up a site after hacks or paying hosting when your site is down.

Why is WordPress so successful?

WordPress is the world’s most popular content management system now powering 20% of all websites. It’s success is due to its intuitive interface and the fact that its free and open source. Its features provide endless options for extending functionality through the addition of plugins and the ability to customize your site with themes and widgets. With thousands of paid and free themes and plugins available on the web, the option to create a site that is both functional and uniquely yours is virtually limitless.

Why is WordPress exposed to attack?

These same features are the most common ways that we expose our sites to attack. Because WordPress is open source, anyone can easily explore the core code or search through any of the most popular themes and plugins for hacks. These are items of WordPress that are out of your control.

Your host and WordPress hacks

Unless you pay big money to have your own server for web hosting, you also can’t control the hosting environment your website is run on.

Brute force attack

A brute force attack is also something that is out of your control. While you can’t always stop them, you can put into place measures to limit the damage and make it difficult for someone to successfully hack your site. Even tech giants like Microsoft, Apple and Amazon have had their security breached. No site, WordPress or otherwise, is completely secure. What you must do is recognize where weakness exist and create extra layers of defense to protect your content in the event your site is hacked. Use as many common solutions as possible to help manage the weakening of your site through human error.

A brute force attack can last months and involve thousands of servers world-wide. All hosting providers who offer WordPress are potential targets Hackers use compromised servers and PCs to hack websites’ administrator panels by exploiting hosts with “admin” as account name, and weak passwords which are being resolved through brute force attack methods.

4 Points of Vulnerability

1. host security breaches

2. out of data WordPress core

3. unsafe plugins and themes

4. brute force attacks

Managing your WordPress powered site well is the most valuable security tool available to you.

  • speed
  • options
  • services
  • security
  • backup solutions
  • control
  • server type
  • price point

Choosing WordPress to power your site means WordPress is the foundation of everything on your site. The fact that it is free and open source carries many benefits. But with each update, the exploits of the previous version are made available to the public making previous versions more susceptible to being hacked. Employing backs security through obscurity tactics, you can remove or hide the version number of your WordPress installation from displaying. You can even choose a more simple solution with plugins to hide the version number. This may deter a bot from attaching to your site, but this does not patch holes in older versions of WordPress. Only updating your WordPress installation as newer versions are made available will remove the published exploits.

Updating WordPress is simple (since version 3.7 was released with automatic updates)

In previous versions of WordPress a new version banner would display in your dashboard whenever there is an update available. Now WordPress installs will automatically update to new minor versions without you having to lift a finger. Minor versions are usually for security updates. You will, however, still need to update for to new major versions.

To update WordPress

  1. First things first! Backup your WordPress.
  2. Dashboard
  3. Updates

The biggest threat to your site

The quickest way to compromise your site includes adding poorly, maliciously coded or out of date themes or plugins from untrusted developers or sites. Due to the open source nature of WordPress many themes or plugins are distributed under a GPL or GPN (General Public License) licenses. So its easy for themes and plugins to be forked and redistributed on free WordPress theme and plugin sites with the addition of hidden or malicious code. This code can be as simple as exposing a virus or as serious as exposing your visitors to identity theft.

Before downloading a free theme or plugin:

  1. Research the author and only download from the authors site or the WordPress depository
  2. Ask advise at WordPress.org/support
  3. If you are going to use free trusted plugins or themes, check the version number compatibility listing and verify that the plugin or theme is still being supported and updated. Many themes or plugins are slow to receive updates or are simply abandoned.
  4. If you don’t use it, lose it. If you are not using a theme or plugin, delete it.
  5. Use paid supported themes and plugins (not free).

Experience shows that nearly all WordPress attacks could be defended against and defended by simply using safe, up to date and trusted plugins and themes.

Source by Stephanie Rosendahl

Web Development and Security: Meeting Challenges With Ease

The modern advancements made in the digital landscape have definitely made it easier for businesses to conduct operations faster but the web developers are confounded with challenges – the nature of which, very few of us can comprehend. Web application development is becoming more and more complex with each passing day. It is not really easy to churn out faster applications within the strict “security” framework.

“Difficult” deadlines: Why?

Don’t be surprised to hear a developer complaining that his ilk is facing deadlines that are “way” difficult than what they were earlier – not only because they are getting shorter but also because of the complexity of work involved is getting intense as well. In short, today, a web development company needs to finish more difficult tasks within a very short period of time. And, the difficulty essentially relates to the need for devising faster applications without violating the security framework.

Today, we’ll be discussing a few steps with the help of which web developers can actually aim for improved digital protection.

What do you need to protect?

The first and foremost responsibility of yours is to understand what you need to protect. Your NEED spells your plan of action here. Which is the data which you absolutely need to store and protect? Track it down at first. How much will the company or business be harmed if the data is compromised? Credit card numbers? Phone numbers? Addresses? These are all part of customer information. There are a few businesses that go on to put sensitive customer information at risk by relentlessly piling up data. The key is to cut down on the amount of sensitive data thus stored. Taking this measure definitely makes the website way more secure.

Don’t go overboard with user privileges

The developer can also consider limiting user privilege. Contrary to popular belief, let us tell you that the biggest threat to web security isn’t really an outside mischief-maker or hacker but your very own “uneducated” users themselves. With too many system privileges made available to them, they might unwittingly end up putting the safety of the website at risk at the first place. Experts suggest that it is advisable for developers to offer each and every user only the privileges he/she needs instead of providing every one under the sun with the same level of access.

The Principle of Least Privilege is at play here. It prevents unqualified users to access those privileges that can be used by the educated users. So, as a developer, one should educate oneself more about the same.

Cookie Data Protection

Pay attention to cookie data protection. It is so important to ensure that you are keeping this particular point in view – quite simply because this one remains one of the most neglected aspects of web security today. There are players like Facebook which has drawn flak for not prioritizing this issue properly. There are others that duly secure their login system, set a cookie and then allow the user to continue the interaction with the application over an insecure portal or channel.

Source by Rahul Ranjan Singh