SSL Certificate and Website Security If your website performs any e-commerce or asks website visitors to submit any kind of sensitive information, then you will want your website to be secure. Let’s explain how security and SSL works and then what your options are. What is SSL? SSL stands for secure sockets layer. Yeah, that …
Question: How do we find out if it is encrypted or not? If it’s not encrypted, what would be the cost and process to do so? When it’s encrypted, it switches from port 80 on the server to port 443. The easy way to tell if this is happening or not is if links are …
Well, yes and no. There’s network security and application security.
With network security, which is the encryption used in SSL certificates (if your website is set up that way), the communication between the web server where your website lives and the browser of the website visitor is encrypted. This is tough encryption and is nearly impossible to crack. So that communication and information shown on those web pages of your website is secure.
Then there’s application security. There’s no secure software. Software on your computer isn’t totally secure, which is why there are updates and patches that come out. Your computer is connected to the Internet, so it could be compromised – even if there’s a firewall because a firewall is software, too, which could have flaws. Now, think about computers that are even more open to the Internet and are connected 100% of the time – these are web servers. If hackers are trying to get into your computer, how much more do you think they are trying to get into web servers, which are much more open in certain ways?
The software (“scripts” we call them) running on your website need to be updated. Vulnerabilities and holes are found all the time. This is one reason why you want to use software that’s used by many people and has support. Lots of Open Source software falls into this category and can arguably be more secure than software that isn’t Open Source (think Microsoft products) because there are more developers and more people developing and testing it. This means that website software has to be updated continuously. Patches come out all the time. If software (PHP scripts, etc.) is not updated, it’ll get old and could be full of holes. When a website is in that state, it’s really just a matter of time before it will get hacked into.
Website Cost of Ownership
There is a cost of ownership with a website. These updates and patches have to be installed. If your website has custom features, then applying these patches and updates will require more care so that these custom features do not break. There is then more testing involved as well. As a website owner, you are ultimately responsible for keeping your website software up to date. Sure, you can outsource this work to a company like Webstix, which is what we’re here for – but you have to assign us to do this work, so it’s still on you.
Webstix has a system called Maintenance Blocks where you can pre-pay our time and get discounts when you do it in bulk. Plan on using at least 12-24 Maintenance Blocks (6-12 hours) per year if your website has any kind of scripting on it (a CMS, blog, shopping cart, etc.).
Great – we’re glad to have you as a web hosting client. Here is what we need to start setting things up: Contact Information – The name and email account of whom at your organization will be our contact person for website hosting. Email Accounts – A list of email accounts with passwords. If you …
I Do Not Wish to Have Webstix Host My Website. What Do I Need to Provide?
Most of the websites we create use PHP and a database called MySQL. Your hosting needs to have these things available and we’ll need the login account information for all of these things. This article will explain all that’s needed and you can forward this on to your current web host and they should know exactly what we’re looking for.
Server Requirements – Joomla:
(with mod_mysql, mod_xml,
*Do not use PHP 4.3.9, 4.4.2 or 5.0.4. These releases have known bugs that will interfere with installation. Zend Optimizer 2.5.10 for PHP 4.4.x also has serious bugs and you should ask your host to upgrade to a newer version. Joomla! versions 1.5.15 + are compatible with PHP 5.3. Note that the OpenID library is not yet compatible with PHP 5.3.
**Joomla is not yet compatible with MySQL 6.x.
***In order to use SEO URLs, you will need to have the Apache mod_rewrite extension installed.
****Joomla is optimized for Apache, but also runs on Microsoft IIS (though not officially supported). Depending on your setup, you may need the following:
- PHP 5.2 – Installation instructions
- MySQL 5.1 – Installation instructions
- Apache 2.2 – Installation instructions
- Microsoft URL Rewrite Module – Required for SEO URLs only. For more information, click here. For information about using ISAPI, click here.
- FastCGI – Download for IIS6. Download for IIS7.
For further assistance using Microsoft IIS, visit the Joomla IIS forum.
We highly suggest using a Linux server.
Server Requirements – WordPress:
- PHP version 5.2.4 or greater
- MySQL version 5.0 or greater
What to Provide to Webstix:
- Server name / IP address
- Server name / IP address
- Database name
What Also Helps Us / Optional:
- SSH login
- Location of a PHPMyAdmin installation (URL, username and password – if any)
- Your server control panel URL, username and password
Why Use Webstix Hosting?
Here are some things to think about if you are on the fence about whether to use Webstix website hosting or go with your own provider. You may get hosting with your ISP or phone provider but even though it may seem free, it could end up costing you more in the long run.
- Patches and upgrades – You are completely responsible for applying patches and upgrades to Joomla/WordPress. We may not remind you if they are needed. With our web hosting, we’re on top of these updates and will let you know when your website needs them in order to be more secure.
- Webstix hosting is a one-stop-shop – When we host the site, you will never hear the words “you’ll have to contact your host about that…” or “We’re not sure but it looks like your host upgraded the XXX software…” When we host, we can troubleshoot things quickly without any barriers – it’s our servers. Problems are fixed more quickly, which means more up time and less time (less cost to you).
- We have 100% access to all of our servers. We have what is called “root” access to every server we own. We’re able to adjust and do anything we want. With most other hosts, you (or we) will not get this access. Getting things changed is either impossible or it takes days or weeks.
- When we upgrade our servers, we’re able to test all the websites that we host to help reduce any problems that might occur. Sometimes things like PHP come out with major upgrades. We’ve been able to do them smoothly. With other hosts, we’ve had to give emergency service to some clients whose websites broke when their hosts did these upgrades and did not test their websites beforehand. Avoid the extra headaches and costs.
Having us host your website is not required but it could really reduce risk, headaches, cost and make your website less of a distraction so that you can run your business.