Let’s Talk About Hosting Security
I can certainly say that security is the biggest problem of web sites at the moment. That is confirmed by Google research as well. Thousands of web sites are getting compromised on daily basis. Then hackers use those web sites to spread malware, upload phishing web sites to steal personal information and credit cards or send junk mail. The biggest problem is that people can’t find a permanent solution to those security issues because of multiple factors. I will try to cover the most important ones in this article and show how ScalaHosting can help.
Why and how are web sites hacked?
I’ve explained above partially why hackers tend to compromise web sites. The main reasons are 3.
- Send SPAM – more than 80% of todays email messages are junk mails. People and businesses try to get rich by sending unwanted emails advertising all kind of products and services as an effort to gain sales and money. There are even groups of spammers known to the worlds anti-spam organizations such as Spamhaus. Those spammers send millions of mails hourly from thousands of servers all over the world – both compromised servers and their own.
- Spread malware – hackers spread malware as they can do lots of things with it to gain money and power. By power I mean they get control of servers/web sites which were compromised with malware and use them to attack other networks, servers and web sites. People pay up to some thousands of dollars per hour for huge DDoS attacks when they want to harm a business.
- Upload phishing content – another reason to compromise a web site is to upload a phishing web site. Hackers do that to steal personal information (mainly emails) and credit cards. They use them later to order servers which help them send SPAM or attack other servers.
What is the reason for web sites to be easy to compromise?
It is well known that web sites are not hacked manually. Hackers use automated tools and scripts to scan the internet for easy to hack web sites which they can automatically compromise. Noone has enough time to start compromising manually except if the value of the web site is not too big. Most of the web sites which is over 90% get compromised because of 3 simple reasons.
- Outdated scripts/plugins/themes.
- Easy to guess passwords.
- Wrong permissions.
ScalaHosting provides utilities and resources for customers to avoid security problems. If your web site was hacked you can follow the steps at https://www.scalahosting.com/kb/my-account-has-been-compromised-how-do-i-fix-it to secure it.
WordPress is the most used system nowadays. It is open source and the plugins/themes for it are alot on the internet. That’s why it is target #1 of hackers and the most often compromised web sites are WordPress powered. WordPress itself is a secure system and rarely there are security issues with it however there are often security problems with the WordPress plugins people install. Hackers tend to attack security vulnerabilities in the plugins to compromise the entire WP web site and gain access to it. Look at https://www.scalahosting.com/blog/wordpress-security-guide to find out how to secure your WP web site so it doesn’t get compromised.
ScalaHosting WordPress hosting plans include an advanced security protection specifically for WP web sites. Some of the plans are also fully managed because the top reason for security issues and WordPress are out of date plugins. That can be easily managed by enabling automatic updates for WordPress in the wp-config.php file.
What else can be done to secure your hosting account?
In 2017, browsers started showing warnings when you try to login to a web site via a non-SSL connection. You can certainly increase the security of your web site and the data by installing an SSL certificate. SSL certificates are cheap and there are also free certificates. ScalaHosting provides free SSL certificates to all domains on all hosting plans. Even the subdomains get a free SSL from Let’s encrypt which are automatically renewed every 3 months. Read more at https://www.scalahosting.com/blog/lets-encrypt-activated-servers.If your web site is selling products/services and storing credit card details it is a much better idea to pay for a certificate though and get the extra additional security it provides. The benefits of an SSL certificate are many. Below are some of them.
- Increased Security
- Data encryption
- Increased trust
Ordering, configuring and installing an SSL certificate is pretty easy. ScalaHosting has written a detailed guide with screenshots and steps at https://www.scalahosting.com/kb/ssl-certificate-choose-configure. You can order your SSL certificate now at https://www.scalahosting.com/ssl-certificates.html and increase the security of your web site.
Switching to a cloud server will increase security
If you have the budget and you can spend some more money to have higher security consider switching to an SSD cloud server. In that way you isolate your web site from other web sites and users running on the same server. That increases security dramatically. It is much easier to compromise a web site when you have local access to the server rather than compromising it remotely. If there is a compromised account on the shared hosting server your web site is hosted on the chances for your web site to be hacked too are much higher. It is just easier for the hacker to do it locally. If you have the money and you can afford it switch to an SSD cloud server right now and get the extra security. That’s not the only benefit. Cloud servers have tons of other benefits. You will get a better efficiency with an SSD cloud server. The cloud hosting setup is also much more reliable and powerful than the traditional hosting. First of all, I would suggest you to read what is cloud hosting to learn about how it works. Then you will have a much better idea what you will get and why people and businesses today are all switching to cloud servers. Is cloud hosting secure is a question many are asking due to the popularity of the technology. ScalaHosting runs thousands of cloud servers and we never saw security problems with the technology.