Dedicated vs. shared hosting?

Dedicated vs. shared hosting?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Dedicated vs. shared hosting? Tony Lawrence 03-20-2005
Posted by Tony Lawrence on March 20, 2005, 8:14 am
If you were  Registered and logged in, you could reply and use other advanced thread options
My public website sits on an Interland shared BSD box, and although I
do have root access and can affect my security to some extent, I
mostly rely on *their* security, which is starting to worry me a bit.
They don't necessarily react to security patches as quickly as I
might, but on the other hand they may have reasons (which quite
naturally they don't talk about) to know that a certain exploit
doesn't apply to their servers even though I might think I'm at risk.
They also have separate firewall screening though who knows WHAT those
are screening..

So what's the opinion? I've been thinking about moving my site to a
dedicated server like oneandone.com where I can very specifically
control everything, but that wouldn't give me any separate firewall
such as I have with the shared server at Interland. Interland offers
dedicated with separate firewalls but the price is quite high.. maybe
worth it, but it seems like a lot to me. for that kind of money I
could
run a T1 to my house and serve from here!


Which is more likely to be more secure? I realize it's impossible to
answer that authoritatively because nobody but Interland knows what
security provisions they add, but what's the gut impression?

The other thing I've thought about is using two servers: one with
absolutely no public access other than web pages. I haven't thought
this through thoroughly ao I may be all wet, but I'm thinking this
could give me more security. Pardon me thinking out loud, but maybe
the public one serves pages directly but only allows ssh from the
other ones public keys. So that one would be the dedicated server ..
or would it make more sense to turn it upside down and proxy or
redirect to the actual web pages?

So confused :-)

I really want to lock things down as much as humanly possible. It's
worth the expense of another server at oneandone prices, dedicated or
shared, if that would give me added security, but I'm not sure I'm not
just adding extra overhead and expense for little gain? A hacked site
is expensive both for direct lost income until I fix it and my time
and trouble fixing it, so I don't mind throwing a little money at it,
though not the $500/$600.00 a month that Interland would run..

--
Tony Lawrence
http://aplawrence.com



Posted by Barry Margolin on March 20, 2005, 9:16 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

> My public website sits on an Interland shared BSD box, and although I
> do have root access and can affect my security to some extent, I
> mostly rely on *their* security, which is starting to worry me a bit.

The fact that they give root access to customers would bother me quite a
bit. This means that one customer can hack another customer on the
server.

--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***


Similar ThreadsPosted
What are the real dangers of shared hosting ? May 8, 2004, 7:25 am
Mailing List dedicated to Full Disc Encryption use and implementation strategy October 1, 2006, 7:28 pm
Web hosting security September 28, 2006, 4:12 am
Web hosting security September 28, 2006, 5:32 am
Application Hosting January 23, 2008, 5:31 am
(OT) Web Hosting Special Offer................................................................................................................................................................................................................................. April 14, 2005, 8:03 am
hosting a local CA using commercial certifcate chaining January 30, 2008, 4:56 am
MDL - A Site For Monitoring Domains Hosting Or Directing Users To Malware September 5, 2007, 4:11 pm
New site dedicated to security conferences : www.security-briefings.com May 6, 2006, 11:16 am
Authentication Open vs Shared Key September 12, 2007, 9:17 am

The site map in XML format XML site map

Contact Us | Privacy Policy