It is now well into 2019 and given the sharp rise in cybercrime over the past few years, security is one area which should be a top concern for new and veteran website owners alike. Almost all web hosting service providers have been increasingly touting enhance security features but what do you really need to look out for?
Various web hosts offer different levels of security in their plans, from the usually hair-raising standards of free unlimited web hosting all the way to secure, dedicated servers. As with everything else, there isn’t really a one-size-fits-all when it comes to security in web hosting but there are some general things that are very important.
The important thing to realize here is that the reputation of a website is more than its ability to offer steady, reliable service, but also to keep its visitors safe.
Let’s look at some of the top areas of web hosting security which you can decide on when looking out for a host that suits your needs.
1. Backup and Restore
Core security needs aside, this should be something that all website owners need to keep a look out for. When hosting your website somewhere you are essentially trusting your files and data to be safe at a remote location.
Being able to backup your data easily, quickly and accurately is very important but so it the ability to retrieve it. Your website files and data are essential to your website which could mean a huge difference to your bottom line.
Most web hosts will offer some form of backup system so pay attention to what’s available. Some questions you need to consider are;
- Is the backup automated?
- How many instances of backup are kept?
- How is the retrieval process?
- Where is the data being backed up to?
- Is there additional cost involved?
Good web hosts will have regular automated backups and sometimes you can tweak the frequency at which these are performed. Some will also have contingency locations where the backup is located to in case of critical issues affecting the main data center where your files are being hosted.
2. Secure Server Capabilities
This is something that will likely have more effect on online retailers, but it is generally a good idea to look towards a secure server. Online retailers handle not just personal data but also financial information.
Even if you currently have no need of this, knowing your web host has the capability to offer secure server hosting to you can save a lot of work in future upgrades. Remember, accessing your server is always done remotely, so your communications to the server need to stay safe.
Here are some things to consider in terms of server security
- Is secure FTP (SFTP) supported?
- What types of SSL certificate are available?
3. Malware Scanning
Again, keeping your files safe is crucial to a safe browsing experience for your visitors. Many web hosting providers today are offering automated antivirus and malware scanning for web hosting account. If possible, learn all you can about what actions your web hosting provider takes regarding this.
Look for a web hosting provider which not only performs the necessary scans but also has a support team which can help you out in case of any issues. If possible, ask what the host’s policies are regarding sites which may become infected.
Things to consider,
- Can you access scan reports?
- Does the host help with virus or malware removal?
4. DDoS Prevention and CDN Support
Distributed Denial of Service (DDoS) attacks are devastating and can easily swamp your website if you aren’t prepared. When this happens, your site could not only lose visitors but get suspended by your web host. Because of this many web hosts inherently have DDoS prevention measures in place. The question is, how effective will those be?
One good sign of DDoS mitigation is if your web host works closely with a Content Distribution Network (CDN). CDNs have massive infrastructure that help websites not only serve data up faster to visitors but can absorb the force of a DDoS attack.
Cloudflare is a very popular CDN which does this. With a massive network capable of absorbing DDoS attacks of over 600Gbps, Cloudflare protects over 13 million sites. If a web host works with CDNs like Cloudflare to protect their own networks, that is generally a good sign. You can also sign up with Cloudflare individually for greater protection.
What to ask about DDoS and CDN;
- What DDoS measure does the host have in place?
- Will your host inform you of what actions are taken during a DDoS Attack?
- What recovery plans do they have in place?
5. Manual Reboots
This is more applicable if you’re running an isolated account type such as with VPS hosting. Like reboots on personal computers, sometimes websites can gain benefits from having their hosting environments refreshed.
I would advise that this is an extremely important feature to look out for when combined with web hosting accounts that allows manual backup and restores. If you are facing any major issues, you can easily perform a site restore and reboot the entire account quickly and with minimal fuss.
6. Operating System
As a website owner, you must decide what operating system you are going to host your site on. Most hosts offer both Linux hosting and Windows-based web hosting accounts. Which you opt for also depends on the technical needs of your site. Each also offers their own respective security pros and cons.
For the most part, Windows-based web servers come with limited access and accounts based on these must request access to do many things. Theoretically, this prevents unauthorized personnel from affecting the system. Only authorized Microsoft personnel handle these web servers with regard to flaw resolutions.
Linux-based servers generally come under fewer threats since they are not as highly commercialized environments as their Windows counterparts. Linux usually has many experts in their community who are continually looking for and pathing vulnerabilities.
Although these are some of the many things to pay attention to, it should also be noted that on a personal level there are many other things you can do to secure your website. Not all security needs are met by web hosts, who are generally more concerned about strategic detail.
As a website owner, you must look for minor details which can affect your site specifically and work towards patching those gaps. Thankfully there are many tools to help you. Exactly which are mainly dependent of what type of site you are running, such as WordPress for example. But that’s a story for another day.