Managed Website Hosting
Secure • Reliable • Affordable
Many of our web clients take advantage of our managed website hosting services, but we don’t require it. To host with us, we would need to have temporary access to your domain registrar account to make some simple edits to your DNS (Domain Name System) configuration.
How We Started
We began hosting client websites in 2009, when we built a couple of web applications (document management systems) that required specific software running on the server.
We leased our first dedicated server, which was essentially a "blank" machine that we shared with no one else at a data center. We then added all of the software packages, and configured it for our clients' applications.
After we had a powerful, fairly expensive dedicated server up and running, we began offering to host more of our client websites in order to spread the cost.
Where We Are Now
In the past seven years, we have leased five more servers across the USA and Canada, which allow us to offer managed hosting to many more of our clients.
Managed website hosting means that we administer the hardware, operating systems and system software. Our clients have limited access, but as a rule, rarely use it. We, as the hosting provider, are responsible for setting up and configuring hardware, installing and configuring software, technical support, patch management, system maintenance, up-time monitoring and all backups and updates.
We now host more than 90 websites on six servers, which limits the number of sites sharing the same resources. Through the use of Virtual Private Servers (VPS), we can dedicate the storage, bandwidth, and resources for almost any application.
We host and maintain quite a few WordPress sites, which present various challenges in security. WordPress is the platform of choice for more than 25% of all websites in the world. It is a big target for hackers, with several points of vulnerability.
WordPress sites are usually hacked in an effort to gain control over the email functions of the website or the web server itself, in order to send out malicious software and spam. This can lead to "blacklisting" of the website's domain and IP address.
Security Weak Points
Recent data shows that most WordPress hacks can be attributed to these main vulnerabilities:
- Plugins: 56%. there are more than 40,000 plugins listed in the official WordPress plugin directory. Some are outdated and not regularly updated by the authors.
- Brute Force attack: 16%. These are automated password-guessing attempts which can try thousands of combinations very quickly. Some easy passwords can be guessed in a few seconds.
- Less significant points of entry are the WordPress core files, hosting account passwords, theme files, file permissions, phishing, etc.
Here are some of the many steps that we take with all WordPress sites to minimize the risk of hacking:
- Install backup software, schedule daily backups of all files and data to Google Drive or Dropbox so that we have a "clean" copy that can be restored to its pre-hack state.
- Install security software to scan all files and data daily to detect any intrusion attempts. We also configure it to limit and give us alerts for password-guessing attempts.
- Encourage all website owners and administrators to use uncommon usernames and complex passwords.
- Keep all software and plugins updated regularly.