MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.


I'm not curious

The Five Basic Levels of Web Hosting Security

Published on 03 June 13
1 David rewarded for 1 time 5 David rewarded for 5 times   Follow
346
0
0

Despite all the knowledge, skills, and efforts of any domain hosting company, web server security is always in some way compromised. The reason for this lies in the fact that safety is joint work involving the owner of the account, the web host that provides space on a server, and the data center where the servers are located.


This division does not apply only if the "host" of your server is in your office or your data center, but this is extremely rare. In any other case, with all the effort of the webmaster and regardless of the amount of control you have, some elements of security should be entrusted to third parties.

Since in practice most hosting companies do not have their own data center, such an environment has five basic levels of security. In order for you as a user to work easily and painlessly it is important to understand which of these levels you can affect and what are your responsibilities.


1. Physical security.


Basic safety begins with physical safety. If a malicious unauthorized person has physical access to the server on which your site is, that person may do practically whatever he wants. He can simply pull the power cord, copy your data, or simply destroy it. This is one of the biggest reasons why serious data centers consider physical security very important and crucial in the services they offer.

Responsibility: This level of security lies on the back of the data center where the servers are located. Security breaches very rarely occur at this level.


2. Data center local area network.


The second level of security that should be taken into account is the local network that surrounds the physical server. Routers, switches, firewalls, and other network equipment are also vulnerable points. If an unauthorized person has access to these devices, they can without any trouble make a mess and cause damage, install malicious software that tracks and records traffic, collect confidential information, and so on.


Responsibility: This is also the responsibility of the data center.


3. Operating system.

Each computer must have some sort of an operating system. Just as ordinary home computers have operating systems such as Linux, Windows, or Mac OS, web servers are no different. Of course, server operating systems are slightly different. An attack at this level will have an impact not only on one account, but on all users who are on the physical server.


Responsibility: The responsibility is solely on hosting companies.


4. Virtualization.


Virtualization is a level of software that sits between the operating system and the user. Virtualization separates the physical server into multiple virtual servers, each of which behaves as a separate server using the assigned resources of the physical server. Some of the most widely used virtualization platforms are VMware, Xen, Hyper-V, and others. Even though they are all quite reliable, attack at this level can jeopardize the entire server.


Responsibility: The hosting company is responsible for defending against attack at this level.


5. System management server (control panel).


We have learned that each server has an installed OS, but that's not all. Each server usually has installed some software to manage user accounts that allows users to independently maintain accounts, set parameters, create email addresses, set up databases, and so on. Some of the most popular software packages to manage servers are cPanel, WebsitePanel, Helm, and Plesk. An attack at this level would enable the attacker to create new user accounts, delete data, and much more.


Responsibility: Responsibility at this level depends on your specific hosting package. In a shared hosting environment, this is the job of the hosting company. On a virtual private server (VPS) or dedicated server, it depends on whether youâve purchased managed or unmanaged service. In the case of managed VPS services, responsibility lies with the hosting company. In the case of unmanaged VPS services, responsibility lies with you.


Vodien is a Singapore-based web host that provides domain hosting and small business web hosting. Host your website with the leading service provider in Asia.
















Despite all the knowledge, skills, and efforts of any domain hosting company, web server security is always in some way compromised. The reason for this lies in the fact that safety is joint work involving the owner of the account, the web host that provides space on a server, and the data center where the servers are located.

This division does not apply only if the "host" of your server is in your office or your data center, but this is extremely rare. In any other case, with all the effort of the webmaster and regardless of the amount of control you have, some elements of security should be entrusted to third parties.

Since in practice most hosting companies do not have their own data center, such an environment has five basic levels of security. In order for you as a user to work easily and painlessly it is important to understand which of these levels you can affect and what are your responsibilities.

1. Physical security.



Basic safety begins with physical safety. If a malicious unauthorized person has physical access to the server on which your site is, that person may do practically whatever he wants. He can simply pull the power cord, copy your data, or simply destroy it. This is one of the biggest reasons why serious data centers consider physical security very important and crucial in the services they offer.

Responsibility: This level of security lies on the back of the data center where the servers are located. Security breaches very rarely occur at this level.

2. Data center local area network.

The second level of security that should be taken into account is the local network that surrounds the physical server. Routers, switches, firewalls, and other network equipment are also vulnerable points. If an unauthorized person has access to these devices, they can without any trouble make a mess and cause damage, install malicious software that tracks and records traffic, collect confidential information, and so on.

Responsibility: This is also the responsibility of the data center.

3. Operating system.

Each computer must have some sort of an operating system. Just as ordinary home computers have operating systems such as Linux, Windows, or Mac OS, web servers are no different. Of course, server operating systems are slightly different. An attack at this level will have an impact not only on one account, but on all users who are on the physical server.

Responsibility: The responsibility is solely on hosting companies.

4. Virtualization.



Virtualization is a level of software that sits between the operating system and the user. Virtualization separates the physical server into multiple virtual servers, each of which behaves as a separate server using the assigned resources of the physical server. Some of the most widely used virtualization platforms are VMware, Xen, Hyper-V, and others. Even though they are all quite reliable, attack at this level can jeopardize the entire server.

Responsibility: The hosting company is responsible for defending against attack at this level.

5. System management server (control panel).



We have learned that each server has an installed OS, but that's not all. Each server usually has installed some software to manage user accounts that allows users to independently maintain accounts, set parameters, create email addresses, set up databases, and so on. Some of the most popular software packages to manage servers are cPanel, WebsitePanel, Helm, and Plesk. An attack at this level would enable the attacker to create new user accounts, delete data, and much more.

Responsibility: Responsibility at this level depends on your specific hosting package. In a shared hosting environment, this is the job of the hosting company. On a virtual private server (VPS) or dedicated server, it depends on whether youâve purchased managed or unmanaged service. In the case of managed VPS services, responsibility lies with the hosting company. In the case of unmanaged VPS services, responsibility lies with you.

Vodien is a Singapore-based web host that provides domain hosting and small business web hosting. Host your website with the leading service provider in Asia.

This review is listed under IT Security & Architecture , Server & Storage Management and E-Commerce Community

Post a Comment

Please notify me the replies via email.

Important:
  • We hope the conversations that take place on MyTechLogy.com will be constructive and thought-provoking.
  • To ensure the quality of the discussion, our moderators may review/edit the comments for clarity and relevance.
  • Comments that are promotional, mean-spirited, or off-topic may be deleted per the moderators' judgment.
You may also be interested in
Awards & Accolades for MyTechLogy
Winner of
REDHERRING
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url

Back to Top