Reviewing host companies - Which one is more secure? (opens in new tab)

(fseek.me)

5 pointsj_lagof15y ago5 comments

5 comments

Hint: Rackspace lost badly (21% of the sites they hosted got blacklisted in the last 90 days). Netsol won with only 1% of sites blacklisted...

thaumaturgy15y ago

The vast majority of websites that are inadvertently serving malware have been compromised through the website itself, which can happen totally independently of the web server software or the host.

About the best the host can do is have a reasonable IP blacklist, but even that doesn't stop nearly enough attackers. (My little mail server, hosting only around a dozen accounts, is currently averaging 14 new SSH bans per day for example.)

The only thing that a "secure" host guarantees is that a compromised website can not lead to a compromised server; attempting to measure that by checking the number of malware-hosting websites at a service provider is the wrong way to go about it.

All that said, if you want a "secure" host without spending a lot of money, your best compromise would be an OpenBSD VPS, and then either spend a lot of time learning how to set it up correctly (and maintain it), or have someone do it for you.

Having NetSol and GoDaddy on a list of potentially "secure" hosts is hilarious.

edit: I'd recommend checking the Sucuri Blog (http://blog.sucuri.net/) for an idea of who's been compromised and how they've responded. Sucuri's pretty good at keeping track of all this stuff.

sucuri215y ago

I kinda agree with you, but when you see 21% at Rackspace, it shows that something odd is going on there (taking out hosting-specific attacks, the % should be the same everywhere).

thaumaturgy15y ago

Heh! I just added a link to your blog as a recommendation, before seeing your reply.

My guess is that more of the stuff at Rackspace is being admin'd by customers who don't know what they're doing, versus the managed shared hosting at other places.

sucuri215y ago

Blacklisting alone don't tell if a hosting company is secure or not, but is a good indicator of how it is being perceived from the outside.

j / k navigate · click thread line to collapse

5 comments

j_lagofOP15y ago

Hint: Rackspace lost badly (21% of the sites they hosted got blacklisted in the last 90 days). Netsol won with only 1% of sites blacklisted...

thaumaturgy15y ago

The vast majority of websites that are inadvertently serving malware have been compromised through the website itself, which can happen totally independently of the web server software or the host.

Having NetSol and GoDaddy on a list of potentially "secure" hosts is hilarious.

edit: I'd recommend checking the Sucuri Blog (http://blog.sucuri.net/) for an idea of who's been compromised and how they've responded. Sucuri's pretty good at keeping track of all this stuff.

sucuri215y ago

I kinda agree with you, but when you see 21% at Rackspace, it shows that something odd is going on there (taking out hosting-specific attacks, the % should be the same everywhere).

thaumaturgy15y ago

Heh! I just added a link to your blog as a recommendation, before seeing your reply.

My guess is that more of the stuff at Rackspace is being admin'd by customers who don't know what they're doing, versus the managed shared hosting at other places.

sucuri215y ago

Blacklisting alone don't tell if a hosting company is secure or not, but is a good indicator of how it is being perceived from the outside.

j / k navigate · click thread line to collapse