Web host with best security against malware?
September 21, 2012 10:50 AM   Subscribe

What is the most secure webhost for a small business?

I'm currently on bluehost and have had my wordpress sites repeatedly infected with malware. I read that a big portion of bluehost sites were infected. I figure that any high volume web host will be a popular target. Can you recommend any affordable web hosting company ($200 or less per year for a small wordpress site) that is extremely good at security? A smaller company is fine. I'm simply not aware of how to sort through the smaller web hosting companies. Thanks!
posted by KimikoPi to Computers & Internet (6 answers total) 2 users marked this as a favorite
I've been hosting Wordpress sites with GKG for years and the two times I was hacked it was Wordpress vulnerabilities - not anything you can really blame the host for.
posted by COD at 11:04 AM on September 21, 2012

Enginehosting.com always struck me as being very careful and good about security. I have no direct knowledge that this is a fact, but the company is partners of sorts with the CMS ExpressionEngine, so EH's head of IT, Nevin Lyne, would appear on the EE forums to talk about security from time to time. He seemed on top of the ball and very keen about keeping EH's servers free of outside attacks or mucking about.

No, I don't know him personally or have any affiliation with EH or EE, other than using their products.
posted by Brandon Blatcher at 11:26 AM on September 21, 2012

If you don't have special requirements, I would consider hosting on WordPress.com itself:


It would be relatively cheap--you'd just need a few upgrades like no ads, maybe custom design, and the domain pointing:


I'm getting the impression that you guys haven't been good on keeping your WordPress codebase up to date, if you keep getting infected. That, not the hosting company, is most likely your main problem; WordPress is well known for being vulnerable. Lots of people will leave up a WordPress site and not upgrade it, leaving it vulnerable as people discover the security holes and make automatic exploits for all older versions they can find. If WordPress.com itself isn't suitable for you, consider going with a host that will automatically upgrade your WordPress install; Dreamhost has a feature like that, and comes within your price range.
posted by foxfirefey at 11:59 AM on September 21, 2012

Firehost is apparently very secure (their whole marketing angle is security) but also not cheap.

I've also heard good things about GoGrid.

And how about Amazon AWS?

Did you install any Wordpress security plug-in and update Wordpress regularly?

You can also use a hosted third security service, such as Dome9, CloudPassage, or CloudFlare (although my understanding of the latter is they are more about optimizing speed), while hosting your site with any hosting company.
posted by Dansaman at 12:47 PM on September 21, 2012

Also, did you change your Wordpress admin login from "admin" to something else, and use a strong password?
posted by Dansaman at 12:48 PM on September 21, 2012

I use NeoSurge to great satisfaction.
posted by thanotopsis at 3:21 PM on September 21, 2012

« Older Sheltered Meets Extroverts   |   What is this crazy little thing called Twitter? Newer »
This thread is closed to new comments.