Thursday, October 4, 2007

5 Features a Secure Web Hosting Package Must Have

Whether you need to host a personal page or a big e-commerce site, a secure hosting service is what you should always look for. This may seem a blunt statement to many, but it's not. Secure hosting doesn't necessarily imply a higher cost. Hosting security, like internet security in general, depends more on the people running the appliances and infrastructure behind your website than on the costly firewalls or IDS protecting the network.
Many times, it is better to have a knowledgeable web administrator than a sophisticated $7000 Cisco firewall. Some web hosting services proved to be stable and secure in our tests. But what should one look for when in need of secure web hosting?

The following is a list of the five most important features:

- SSL / SSH / SFTP

SSL gives you a secure, encrypted tunnel between you and your server. This means that all the input (including logins, credit card numbers and any sensitive information) doesn't travel in plain text and is readable only by you and the server. It works using the public/private key paradigm.
If you have a shopping cart, or if you are going to host a membership portal storing members' personal information, SSL is a must-have. Your visitors will appreciate it and will feel more comfortable passing their data to you.

SSH stands for Secure Shell. It is used mainly for secure remote access to a Unix machine. You will be able to issue commands on the server console as if you were at the server's keyboard. Like SSL, it works by creating a secure tunnel.

SFTP is a network protocol that provides file transfer and manipulation functionality over any reliable data stream. It is typically used with the SSH-2 protocol to provide secure file transfer. With normal FTP access, all the files being transferred are sent in plain text with no encryption at all. Many times you will have to transfer source code containing hard-coded passwords or database information.

- Strong Firewall/IDS

Almost all networks have firewalls, but not all of them are managed wisely, which leaves the hosting provider's network open to remote access, information disclosure and active attacks. A secure hosting service should manage redundant firewalls and should give you the ability to add firewall rules, directly or indirectly (through administration access). For example, if your website experiences an enormous amount of malicious traffic (brute-forcing of HTTP or email passwords, for instance), your hosting administrator should give you the opportunity to add the IP address the attack came from to the blocking firewall ACLs.
IDS stands for intrusion detection system. IDSs provide a further level of security because they can recognize a number of attack vectors and stop them before they have any success against the target machine.
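
As an added example (not part of the original article), this is one way to find the source addresses worth submitting for a blocking ACL: count failed login POSTs per source in a web access log inside a sliding time window. The combined log format, the `/login` path, the threshold, the window and the sample lines are all assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')

def blocklist_candidates(log_text, login_path="/login", threshold=5,
                         window=timedelta(seconds=60), allowlist=()):
    """Source IPs with at least `threshold` failed logins inside one window."""
    allowed = [ipaddress.ip_network(n) for n in allowlist]
    recent = defaultdict(deque)   # per-source timestamps still inside the window
    flagged = set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST" or m["status"] not in ("401", "403"):
            continue
        if m["path"].split("?")[0] != login_path:
            continue
        try:
            ip = ipaddress.ip_address(m["ip"])
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        except ValueError:
            continue              # skip malformed address or timestamp
        if any(ip in net for net in allowed):
            continue              # never propose blocking your own ranges
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()           # drop failures that fell out of the window
        if len(q) >= threshold:
            flagged.add(ip)
    return sorted(str(ip) for ip in flagged)

def _line(ip, sec, status):
    """Build one constructed log line `sec` seconds after 10:00:00."""
    return (f'{ip} - - [04/Oct/2007:10:{sec // 60:02d}:{sec % 60:02d} +0000] '
            f'"POST /login HTTP/1.1" {status} 312')

# Constructed sample (documentation address ranges), grouped by source.
SAMPLE_LOG = "\n".join(
    [_line("203.0.113.7", s, 401) for s in range(0, 10, 2)]       # 5 in 8 s
    + [_line("2001:db8::5", s, 401) for s in range(20, 25)]       # IPv6, 5 in 4 s
    + [_line("192.0.2.10", s, 401) for s in range(0, 600, 120)]   # 5, 2 min apart
    + [_line("198.51.100.23", s, 401) for s in (5, 400)]          # only 2 failures
    + [_line("192.0.2.44", 30, 200)]                              # successful login
)

if __name__ == "__main__":
    print(blocklist_candidates(SAMPLE_LOG))
```

The returned list is a set of candidates to review before they go into a firewall rule, since a shared NAT or proxy address can carry legitimate users too.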

- Anti-DDoS

DoS stands for denial of service. It is at the same time the most basic attack that can be launched against a network and the most difficult to prevent. Attacks of this kind slow down your hosting provider's network and all the sites hosted on the same node. This means that if hackers decide to attack a website hosted on the same server as yours (in the case of shared hosting), your website will suffer from the attack as well.
Anti-DDoS features are now included in routers and firewalls, and once again a secure hosting provider should be able to identify and block such attacks.

- Anti Spam

Although spam is not directly connected with security, it can be a threat to your business. Spam carries viruses, worms and spyware. Spam can even slow your server down, or shut it down altogether, depending on the number of emails the mail server can handle. Not to mention the wasted bandwidth. That's why an anti-spam solution should never be missing, not only from secure web hosting packages but from any kind of hosting you're going after.

- Secure trusted web hosting providers

In my experience as a security consultant, I have found that many web hosting services' sites have security holes in their shopping carts, hosting control panels or web applications in general. These kinds of holes can allow an attacker to gain access to registered users' credentials, including FTP passwords. This is probably the worst thing you may encounter, but it really happens.
Protecting yourself from such bad security practices is difficult because no one knows of the existence of such security issues besides hackers and security consultants. That's why it is very important to always review secure web hosting listings made by hackers, in order to avoid poorly secured web hosting causing you to lose money and data.

Article Source: Ivanovich Cuxev from ABC Article Directory
