Showing posts with label web site hackers. Show all posts

Sunday, December 6, 2009

THINK OF YOUR WEB HOST AS YOUR ON-LINE PARTNER. IT IS!


How to Pick the Right Web Host:

It’s Not Just About the Fees

If you’re just starting out in the world of e-commerce, chances are you don’t even know what you don’t know, which makes finding the right web host a major obstacle. If you’re not sure what’s important and what’s fluff, how can you choose the right company to host your site?

Here are some tips on what to look for and what to avoid when weighing different hosting companies.

Don’t judge by price alone.

Web hosts charge anywhere from $3 to $20 a month for their web hosting services. Yes, you can even find free web hosting, but of course nothing is free. Low-cost or free hosting services don’t deliver control over what appears on your site.

If you go with a cheapie or free host, part of the deal is that the hosting company gets to put up its ads on your site. (See, nothing is really free.) So, you’re never quite sure whose product will show up on your home page.

Also, keep in mind that all of these banner ads and click-throughs are intended to get visitors to click off of your site and to go someplace else, so in effect, the advertising placed on your site by free or low cost hosts is actually competition for the attention of your visitors.

Low cost = low quality.

Select a host that puts you in charge of what visitors see when they visit your site. You can find these sites at prices starting as low as $6.95 a month.

Check out the host company’s own website.

There’s an old adage that says you can judge the quality of a home improvement contractor by looking at his or her truck. If it’s neat and clean, chances are the contractor takes care. If it’s an accident waiting to happen, look for another contractor.

The same is true of a web hosting company. Check out the company’s own website. If it’s low rent, you can bet your site won’t fare any better.

Don’t believe everything you read.

Of course every hosting company is going to tell you it’s the best, but anyone with a server stuck in a closet can call themselves a web host. It doesn’t make it so. How long has the company been around? What do webmasters have to say about the host? Read reviews of web hosting services. There are lots of them. Go with a company recommended by a web professional and skip all of the sales hype smaller, less established hosts use to pull in newcomers.

Ask about server side security.

Hackers spend a lot of time trying to break through the fortifications put in place by a web host and all too often these bad guys are successful, putting your site at serious, even lethal risk.

Surf the web for interviews with site owners who have experienced numerous hacker attacks, not because they lacked adequate security but because their web hosts were lacking in the latest in hardware and software. You’ll find lots of information.

Some web hosts are in it strictly for the money. That’s all. If they hook up your site to the w3, they’ve fulfilled their obligation to you. Other web hosts take a more proactive approach to your site’s security, recognizing that if their client sites are safe and secure, their hosting business will be, too. A satisfied client will stick around once the service subscription is finished and smart hosts know it costs a lot less to keep a customer than it does to find a new one.

Customer service should be close to the servers.

Web host servers crash. It happens. And when it does, you want it fixed fast because if the server is down, so is your site. And if the host server is on the fritz, you may not be able to access the customer support number because the server is off line and you never wrote down the telephone number!

First, make sure that the company you choose has 24/7/365 customer support, preferably close to the hardware that’s not working. If the server is in Illinois and the customer support desk is in Bangalore, India, it may take a while to get the server operational again.

Second, write down the customer service number so you have it whether the server is up or down.

Make sure your selected host has an impeccable up time record.

Some web hosts take great pride in proclaiming that their servers have a 94% up time record. Sounds good, but that means that company’s servers and your business are off line 6% of the time. That’s costing you business and, if an SE spider should happen to index your site while it’s down, you may well lose PR points.

A good host will have an up time record above 98%. A great host will have an up time rate of 99.9%, as in nearly perfect. It may cost you a couple of dollars more each month to get this level of security but it’s more than worth the minimal expense for the peace of mind you get knowing that your site is protected as it should be.

Billing Policies

Always a good thing to check out. How often are you billed and what are the terms if you close down your site halfway through your web hosting subscription?

Check out the web host’s site to find the company’s billing policies. Also, look for that all important customer care number – the one you call when you have a problem with your bill. The number should be toll free and US based. There’s nothing worse than having a problem with your latest payment and dealing with a customer service rep half way around the world.

Standard Services

What do you get for your standard services besides a certain amount of disk space? A lot of web hosts lure you in with bargain basement rates and then nick you every time you add a new feature.

A good web host provides e-mail services and should allow you to host more than one domain name with your single account. Not all do.

A good web host will also provide a variety of software applications and tools for use free of charge. Again, not all do which means you have to go out and buy checkout software, analytics software and other “must haves.” Go with the host that offers low and no-cost access to everything you need to build, launch and run a web site. And if you can get all of these goodies free (you can), that’s even better.

Site Access

Make sure the host allows 24/7 FTP access to your site so you can upload new data when you want to. Some hosts restrict the hours that clients can upload data, making it difficult to update your site at 11:00 AM due to too much traffic.

Tiered Pricing

If you don’t need VPS (virtual private server) access, why pay for it – especially when you’re first starting out? Go with a host that offers an entry-level package and allows you to upgrade when your site grows a bit.

Tiered pricing lets you test the waters before committing a lot of cash to your venture. And note, the company should not ding you a surcharge when you upgrade – just the cost of the additional disk space and bandwidth.

A Guarantee

You won’t find many hosts that guarantee their services so this may take some research and time, but they’re out there.

Now, no host can guarantee a 100% up time or guarantee that your site will be successful. But some web hosts do offer a partial or complete money back guarantee if you opt out of their service within a specified period, say 30 days. That gives you a month to try out the host server and if you aren’t happy, your subscription is refunded.

Backups

How often does the web host back up server data? This is critical to sites that change often, adding or deleting products and services. If you’ve spent a great deal of time upgrading your site only to have the host server go down in flames before a security back up, you’ll be none too pleased. You want a web host that saves and saves often – at least once every 24 hours.

Test the web host

Before you sign on with a web host, test them. Call the customer support line with your questions and see if you get answers you can actually understand. Some companies employ client care reps who are more interested in demonstrating their own knowledge than they are in resolving your particular problem or answering a simple question.

Be sure to ask the client care rep several questions. Do they appear to be rushed? Are they willing to take the time to teach you what you need to know? Are they patient and courteous? If not, don’t expect things to change once you’ve signed up for 12 months of service.

Finding the right web host may not sound like a whole lot of fun, but it is necessary since you and the host will be partnering in the ultimate success of your site. Take your time, read the fine print, ask a ton of questions and look for some kind of back-out guarantee.

It may well mean the difference between site success and failure, and therefore, it may be the most important decision you make regarding your online enterprise.


Need some help picking the right host? Your web host is your on-line partner so choose wisely. Not sure, call me.


Later,

Webwordslinger.com

Wednesday, September 16, 2009

SITE SECURITY??? WHAT, AGAIN???

OH, LOOK. A SCRIPT-KIDDIE RIPPING OFF YOUR DATABASE.

WAVE TO THE NICE HACKER. HE OWNS YOU NOW.




Hacked:

The Basics of Site Security Again

You log on to your site and notice that, from your administrator’s console, things don’t look right. So you search the site access log and discover the worst. You’ve been hacked. You’ve got a bogus IP address listed in the search log and when you try to access the intruder, all you get is a 404 error message – Site Not Found.

Now what do you do? What did the hacker do? Is there a digital ticking time bomb buried in your site’s code? A Trojan horse, perhaps? And what about that sensitive personal data stored on your site’s database? You know that’s been copied, even though a quick check of MySQL reveals the database is still intact. Even so, that sensitive data has been compromised.

Any site is vulnerable to hackers, crackers, script-kiddies and other black hats regardless of how many layers of security you have in place. Remember, hackers never sleep and they’re always looking for web site vulnerabilities. These guys could have gained entry to your site in lots of different ways. By placing an order or opting in for your newsletter. Once contact is made, security is more easily breached.

You’ve got a problem. So, never let it get this far.

Keeping the Bad Guys at Bay

Once a site has been hacked, getting it scrubbed clean and back online can be an arduous, time-consuming, money-losing proposition. Better to keep those evil-doers out from the start.

Check your host server’s configuration. Ooops, forgot to do that.

Revisit your server configuration. You can buy the best, locked-down-tight site security but if it isn’t properly configured with server side software it may provide a false sense of security, as in you aren’t getting what you paid for.

Synch up for safety.

Keep security software and hardware current.

We all know that the hacker community doesn’t have much else to do except sit around devising new ways to circumvent the latest patches from Microsoft or security software developers like McAfee. The security software programmers know it all too well, so 24/7 there’s a battle going on between security programmers and hackers looking for a trophy and web creds from other hackers.

Update in-place security regularly. Log on for patches and fixes.

Keep meticulous records of all software. (Keep the box.)

Maintain a record of all software in use to support your business including edition number, i.e. XYZ 2.0. Also user key codes and other information that’ll come in handy if a hacker does get through. An online security company needs to know as much about your software as the hacker did. Make it easy for that company by providing make, model and serial number.

Review log files.

At least once a day, check your back office logs to make sure no one has dropped by unnoticed.

Good time to bring up permissions. A lot of small companies maintain a network of computers. One in customer service. One in accounting and so on. A network is a must for even small businesses today, small businesses that rely on the office network to access business data and records of activity.

This requires the company owner to develop a permissions log – a directory of which employees have access to what company data. All departments and employees should not have access to all data. Only that information required to do the job.

Limit the number of permissions. Limit access to data. And train employees in safe and secure online practices, i.e., email scans, daily virus scans across the network and so on.

And worth another mention, keep access logs up to date. Close out all ex-employees and others who have no business looking at order tracking data.
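One way to run the daily log review and the ex-employee check described above, as an added example that is not part of the original post. It assumes the server writes the Apache/Nginx "combined" log format; the admin paths, office IP address, disabled account name and failure threshold are hypothetical values to replace with your own.

```python
import re
from collections import defaultdict

# Combined log format: ip ident user [time] "METHOD path PROTO" status size ...
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)

# Assumed site-specific settings (hypothetical values, adjust to your site).
ADMIN_PREFIXES = ("/admin", "/wp-admin")
KNOWN_ADMIN_IPS = {"203.0.113.10"}   # office address, documentation range
DISABLED_USERS = {"jsmith"}          # account of someone who has left
FAILED_LOGIN_THRESHOLD = 3

# Constructed sample lines, not real traffic.
SAMPLE_LOG = [
    '203.0.113.10 - owner [16/Sep/2009:09:01:12 -0400] "GET /admin/orders HTTP/1.1" 200 5120',
    '198.51.100.7 - - [16/Sep/2009:03:14:01 -0400] "POST /admin/login HTTP/1.1" 401 312',
    '198.51.100.7 - - [16/Sep/2009:03:14:02 -0400] "POST /admin/login HTTP/1.1" 401 312',
    '198.51.100.7 - - [16/Sep/2009:03:14:03 -0400] "POST /admin/login HTTP/1.1" 401 312',
    '198.51.100.7 - - [16/Sep/2009:03:15:40 -0400] "GET /admin/export HTTP/1.1" 200 88213',
    '192.0.2.44 - jsmith [16/Sep/2009:22:30:05 -0400] "GET /reports/orders HTTP/1.1" 200 1044',
]

def review(lines):
    """Return (reason, ip, detail) findings worth a human look."""
    findings, failures = [], defaultdict(int)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        ip, user, path, status = m["ip"], m["user"], m["path"], int(m["status"])
        is_admin = path.startswith(ADMIN_PREFIXES)
        if is_admin and 200 <= status < 300 and ip not in KNOWN_ADMIN_IPS:
            findings.append(("admin-access-from-unknown-ip", ip, path))
        if user in DISABLED_USERS:
            findings.append(("disabled-account-in-use", ip, user))
        if is_admin and status in (401, 403):
            failures[ip] += 1
            if failures[ip] == FAILED_LOGIN_THRESHOLD:  # report once per address
                findings.append(("repeated-admin-login-failures", ip, path))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(finding)
```

Any finding is a prompt to look closer, not proof of a break-in; an owner logging in from a new location will also show up as an unknown address.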

Stay current on viral epidemics.

First, always keep site security in mind. Consider it a key part of your job as online business owner. That requires a pro-active approach to security. And that requires a knowledge of the latest in frauds, scams, schemes and viruses.

A new virus, once discovered, is almost instantly identified on webmaster sites, on security software sites and, of course, on the Microsoft download page. That’s good. It prevents a local epidemic from becoming a pandemic. Keep up with the latest in hacker tactics and the cures offered on the web. If you wait, your site is vulnerable to a viral injection.

Bulk up your passwords.

This is a simple step and it doesn’t cost a penny, yet many site owners still insist on using their pet’s name as the administrator log on. Anyone who knows the site owner will be able to hack the site in, oh, about 10 minutes.

Limit access and create undefeatable passwords. Dictionary software is easily available on hacker sites. These programs go through millions of letter and number strings a day until they generate the actual password. So, extend your passwords, use letters, numbers and symbols, and change them often.

Change all passwords whenever an employee leaves the company.

Run a check of all content generated by third parties.

You might download a FREE counter and pick up a dose of key-logger software – software that logs every key stroke made by you and other members of the office network.

Evaluate the source of the content. For example, sites that syndicate content via RSS feed should be Googled and checked by you, the web business owner. Any third party content can be booby-trapped so be careful. As mom used to say, “You don’t know where it’s been!”

Check your links. Check their ads.

Links are important to building connectivity within a small market. But a link is also an access point for a black hat so always consider the company you keep. Inbound links can be used to inject malware.

Same with paid advertising. Some “company” may pay you $50 a month to advertise on your site, build a shell site or mirror site and steal your sales. You might not notice it for a couple of days – and by then, your legitimate business could be out $1,000s in sales and you’re facing a boggy mess of customer complaints that are only going to cost more to repair.

Just because an advertiser “sounds nice on the phone” doesn’t mean that she’s running a legitimate business. Know what’s on your pages. Know who’s on your pages. If it looks funny, or your instincts tell you something’s not right, do you really need that extra $50 a month? Take care with those who reach out to touch you. They may be picking your pocket.

When you grow, hire a pro.

When you’re just starting out with a new site, money is always tight, always a consideration. In this case, go with a reputable web host that maintains high levels of server security, including security against cross-server (X-server) attacks. And if this is all gibberish, call the tech support team at your hosting company.

However, at some point, when that online business has grown from a part-time hobby to your sole source of income, congratulations. Now hire a pro.

Site security is no longer a priority. It’s become the priority once you’ve quit your day job and now rely on web traffic to pay the bills. Have a security pro check your system and, if merited, hire a security service that tracks attacks on your site, providing higher levels of safety for your “hand-built” digital business.

Yep, despite the fact that the web has been gussied up in recent years, it’s still a lawless frontier in which you have to protect yourself. The web police don’t exist so forget the 911 call. It won’t help.

The secret to a secure site is constant vigilance and automated convenience. Buy good security ware. Properly configure with server security. Update regularly and keep track of who comes and goes, whether an employee, a link-in or a paid advertiser.

Keep security front and center. It will keep what’s yours – yours!

Site security is serious business. If you're serious about your web-based biz, drop me a line. You can bet that some hacker, cracker or script-kiddie is working on ways to do you wrong.

Webwordslinger.com