Join 3,561 readers in helping fund MetaFilter (Hide)


Secure and Reliable Web Hosting?
March 15, 2009 9:13 PM   Subscribe

Do you know of any secure & reliable web hosting providers?

I am part of a startup company and we manage multiple websites. The problem is they keep getting hacked and it is a hassle to fix because our engineers are in India. Currently our host is GoDaddy but we are thinking of switching to someone more secure and reliable. Can you recommend any good hosts?
posted by meta.mark to Computers & Internet (17 answers total)
 
Sounds like the problem is your engineers, not your ISP. At any rate, "most" hosting providers are basically secure and reliable enough. Rule of thumb: you don't get what you don't pay for.
posted by rhizome at 9:22 PM on March 15, 2009


But is there anyone more secure than GoDaddy?
posted by meta.mark at 9:28 PM on March 15, 2009


Moving an insecure web site to a different provider isn't going to solve your problem. Why do you believe GoDaddy is the source of the vulnerability?
posted by qxntpqbbbqxl at 9:48 PM on March 15, 2009


There a ton of old questions about web hosts that have been asked previously. It's hard to make suggestions without any criteria other than "secure" (which is hopefully a prerequisite not a feature)
posted by misterbrandt at 9:58 PM on March 15, 2009


Agree with the above. The problem is your application, not the host.

There is an outside chance that you could find a host whose default settings would alleviate your application's security issues, but without knowing what those issues are, you have no way of knowing which one to pick . . . and if you did know, it'd still be easier to just fix them.

How are you getting hacked? If you don't know, that's where you start, not with changing hosts.

You're basically looking to move to a new house because you left the door unlocked and got robbed.
posted by toomuchpete at 9:59 PM on March 15, 2009


Pair Networks has been rock solid for me for over 5 yrs
posted by olddogeyes at 10:22 PM on March 15, 2009


I have to agree with what everyone else has been saying - all webhosts will be running roughly the same software stack (PHP/Tomcat on Apache on Linux). These are, for the most part, all created equal.

If your engineers are not trained to write secure software, you will not get secure software. Period, end of story. This is not a problem that can be fixed by finding a new webhost, and not to be too discouraging, but if your engineers aren't using secure coding practices on every line of your sites, the chances of them retrofitting it on after the fact are basically nil.

Good luck.
posted by DoomGerbil at 10:30 PM on March 15, 2009


Webhosts seem to have to meet requirements about security, and as DoomGerbil said, all webhosts run on the same PHP, apache, etc., base.

Choosing a webhost will really be about how much traffic you anticipate, what you'll be hosting, and if you need any e-commerce functionality.

I would recommend either Dreamhost , or Bluehost. If you need high end hosting, look into MediaTemple or Rackspace
posted by mtphoto at 10:42 PM on March 15, 2009 [1 favorite]


I second Dreamhost
posted by Bighappyfunhouse at 11:48 PM on March 15, 2009


I use 1&1 and wouldn't recommend them for more secure and "reliable" ... Don't get me wrong, it get's the job done for what I need it for, but it's basically such a value deal that they don't provide a very high level of quality.
posted by eli_d at 12:01 AM on March 16, 2009


I'd second MediaTemple but nth the notion it's not the ISP but the web sites that are the problem...

How are they being hacked?
posted by twistedonion at 1:42 AM on March 16, 2009


as others have suggested this sounds like a problem with your application and most often than not most web hosts are very reliable.

say that I would reccomend ASO. I wouldn't recommend media temple, I've had nothing but trouble with them.
posted by nam3d at 4:14 AM on March 16, 2009


EngineHosting.com
posted by Brandon Blatcher at 5:10 AM on March 16, 2009


I also use 1&1. I have no complaints, however, my usage and needs are very very basic. Couple of email addresses and a blogger website. (I use blogger.com for CMS and I think it just updates static pages to the host.) Never been hacked to my knowledge, and I have never had any downtime that I noticed. But as I said, super low usage- I can count monthly hits on my fingers and toes, I think.

(It's a great deal for low usage sites- I can pretty much do whatever I need to with the $4.99 a month package.)

You'd probably have to determine (or tell us) more specifics on the hacks that you are getting. Silly stuff like breaking passwords, or more crazy stuff like SQL injections?

Agree with other posters- chances are, the security problems you are having are on your sites' side, not the provider side.
posted by gjc at 7:17 AM on March 16, 2009


"They keep getting hacked" is pretty unusual. While it's possible that the ISP is to blame here, it would be hard for an ISP to stay in business if they were endemically non-secure. So I have to nth the above and suggest that maybe you're doing something to make this possible?

You need to explain HOW they're hacked in order for anyone here to have a clue.

(To be contrary, btw, I'd caution against MediaTemple for anything other than very basic blog-type stuff. They're 90% marketing (aimed at designers so it all LOOKS fancy) and about three percent engineering prowess. I've had too many clients with too many problems whenever they needed anything other than Option A from preconfigured package B, and the techs there seem to get over their heads quick. Also, 12 flaky servers does not a production-level "cloud cluster" make. Google MediaTemple +disaster for 100 other stories.)
posted by rokusan at 7:47 AM on March 16, 2009


Pair.com has been very solid for me for almost a decade, but yeah, I doubt it is the web host.
posted by Good Brain at 9:21 AM on March 16, 2009


it is rather difficult for a shared hosting server to be hacked. it is trivially easier for a CMS to be exploited. nthing the above calls that the issue is with your content (and the people who developed that content), not your hosting provider.
posted by phredgreen at 10:10 PM on March 19, 2009


« Older When I saw David Sedaris in 20...   |  What has been your own persona... Newer »
This thread is closed to new comments.