If you’ve read our article on website security tips, and taken all the necessary steps to secure your new website before it goes live, well done. You are clearly taking your own security seriously. Unfortunately, the same cannot be said for many web hosts. And even more, unfortunately, the security features of your web hosting service are arguably more important than (most of) the steps you can take yourself to secure your website. Many web hosts don’t follow web hosting security best practices, and free web hosts are even used by hackers to disseminate malware and steal your sensitive data.
In this guide, we’ll take a look at the most important security features that a good web host should offer. If you are looking for a new web host or looking to change your existing host for one that offers better security, look out for these features.
Shared vs. Dedicated Hosting
When it comes to web hosting security, plenty of people will tell you that “dedicated” hosting, in which you have control over your own server and your website is the only one stored there, is inherently more secure than “shared” hosting, in which you share a server with other customers.
Is that true?
Well, yes and no. It’s true that if you are an experienced network engineer, having your own server will allow you a greater level of control and potentially better security. On the other hand, using a shared provider means that a good deal of your security is handled by your web host, which (hopefully) has in place a dedicated security team.
There is a third way, however, that combines the advantages of both approaches. Virtual private servers (commonly referred to as VPS hosts) use shared hosting, but the majority of VPS providers run a virtual machine on their servers, which means that each virtual server is an independent unit under the full control of the customer. This model gives you a great deal of control over your servers while not sacrificing the expertise that shared hosting providers offer. As a result, it is often the best choice for small websites.
Backups and Restore Points
You might not think that backups are a key element of security, but they are. The ability to fully backup your site and to do this frequently, is a very important feature of good web hosts. That’s because many common forms of cyberattack will involve a hacker taking your site offline and then ransoming your data back to you. If you have a clean backup, you won’t care (as much).
When looking for a web host, pay careful attention to their backup policies. Make sure that they backup frequently (at least weekly), and that you have access to these backups.
A good web hosting provider will monitor your internal network for intrusions and anomalous activity. They will alert you when they spot unusual traffic on your server, and also be open and honest about any security breaches.
This said, the protection provided by your web hosting provider should always be reinforced by the use of a good website builder, which will also alert you to any security vulnerabilities in your site. Typically, these will include broken links and dead pages, unused plugins and themes, and also unusual levels of traffic on your site.
Firewalls and DDoS
Distributed-Denial-of-Service (DDoS) attacks are a common form of cyberattack in which vast amounts of data are requested from your site. This can overwhelm your web server, and make your website unreachable. This is a major security risk, but one that can be reduced by web hosts: by implementing a firewall to block malicious inbound traffic, a firewall can be effective in stopping this kind of attac at its source.
When choosing a web host, therefore, get some sense of what intrusions the company’s firewalls are likely to stop and what other measures the security team employs.
Antivirus and Malware Protection
As we recently pointed out in our article on the anatomy of website malware, malware and viruses are currently undergoing a period of rapid development. Encrypted malware, in particular, is now becoming a major problem for website owners.
Malware and virus detection is not your web host’s responsibility alone: you should ensure that you are scanning for malicious programs over all of your systems. However, when choosing a web host you should understand which protective actions your hosting provider will perform and what you must do on your own to protect your website.
Finally, you should also ensure that your web host is aware of the security implications of DNS redirects, which are rising in popularity among hackers. In this type of attack, visitors to your website will be directed to a fake second site via a compromised DNS table. Thankfully, there are ways around this: protected, zero-knowledge DNS protocols can help to ensure the integrity of DNS lookups, and protect you from having your site duplicated and used for a phishing attack.
If In Doubt, Ask
Though a good quality web host will offer all of the features above, they should also offer much more. Ultimately, a good web hosting provider will see themselves as a partner in your business, rather than a company selling you a service.
For that reason, before you choose a web host you should take the time to ask them questions. If they are upfront about the security measures they have in place, great, but ask them about security anyway. Be suspicious of any web host that boasts a 100% record in deterring attacks, as well. Not only is this impossible, but such a claim is also an indication of a company that is not being honest with you (or maybe themselves).
Instead, website security is a process that requires constant vigilance and development. But with a good web host at your side, this process is a whole lot easier.