Best practices are defined as “procedures that have been shown by research and experience to produce optimal results and that are established or proposed as a standard suitable for widespread adoption.”
Disaster Recovery
Way too many web hosting clients continue to view RAID configurations as disaster recovery solutions. While different RAID levels do address redundancy and performance factors, they are NOT disaster recovery solutions. Murphy’s Law says that if anything can go wrong, it will go wrong – and at the most inopportune time.
The key to effective disaster recovery is backing up your mission-critical data REMOTELY and then testing the restore function to ensure that you’ll be able to bring everything back up in a timely fashion.
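One way to test the restore function, as an added example that is not part of the original article: it assumes GNU tar and sha256sum, and an archive that has already been copied back from the remote location. The function names make_backup and verify_restore are hypothetical.

```shell
#!/bin/sh
# Added example (hypothetical names): restore test for a tar backup.

# make_backup SRC_DIR ARCHIVE
# Writes ARCHIVE, ARCHIVE.manifest (SHA-256 of every file in SRC_DIR)
# and ARCHIVE.sha256 (digest of the archive itself).
# ARCHIVE must live outside SRC_DIR.
make_backup() {
    src=$1; archive=$2
    # Per-file digests, relative to the source root.
    ( cd "$src" && find . -type f -exec sha256sum {} + ) > "$archive.manifest"
    tar -czf "$archive" -C "$src" .
    sha256sum "$archive" | cut -d' ' -f1 > "$archive.sha256"
}

# verify_restore ARCHIVE
# Returns 0 only if the archive matches its recorded digest, extracts
# cleanly into a scratch directory, and every file listed in the manifest
# is present there with the recorded content.
verify_restore() {
    archive=$1
    # 1. Was the archive damaged in transfer or storage?
    [ "$(sha256sum "$archive" | cut -d' ' -f1)" = "$(cat "$archive.sha256")" ] || {
        echo "archive digest mismatch: $archive" >&2
        return 1
    }
    # 2. Restore into a scratch directory, never over live data.
    scratch=$(mktemp -d) || return 1
    status=0
    tar -xzf "$archive" -C "$scratch" 2>/dev/null || status=1
    # 3. Compare restored files with the manifest taken at backup time.
    #    A missing or altered file makes sha256sum -c exit non-zero.
    if [ "$status" -eq 0 ]; then
        ( cd "$scratch" && sha256sum -c - ) < "$archive.manifest" \
            >/dev/null 2>&1 || status=1
    fi
    rm -rf "$scratch"
    return "$status"
}
```

Running verify_restore on a schedule against the remote copy, and alerting on a non-zero exit, turns "we have backups" into "we have restores".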
Server Hardening
How would you know if your web hosting provider employs best security practices when hardening your server? At a minimum, the base install of all OS and post-OS software should come from a trusted source, and that includes being connected to a completely trusted network. Each base install should also include all current service packs and patches.
According to the Massachusetts Institute of Technology, “By not applying a patch you might be leaving the door open for a malware attack. Malware exploits flaws in a system in order to do its work. In addition, the time-frame between an exploit and when a patch is released is continually getting shorter.
Defects in clients like web browsers, email programs, image viewers, instant messaging software, and media players may allow malicious websites, etc. to infect or compromise your computer with no action on your part other than viewing or listening to the website, message, or media.”
DDoS Protection
In web hosting, ensuring that your servers and websites are protected from DDoS attacks is critically important as attacks by cybercriminals continue to increase in both scope and volume. An alarming number of web hosting providers still lack adequate DDoS protection services, so it’s incumbent on you to ask what protection they do provide.
If you’ve purchased DDoS protection from your web hosting provider, do you know which network, application or protocol layers it protects? When they filter attacks, will they allow legitimate traffic to pass through unhindered? Will those services cover DNS, UDP/TCP, SMTP, FTP, SSH and VoIP?
Obviously, this just touches the tip of the iceberg for web hosting best practices.
Asking for your take on these or other best practices.