Tear Down: The Specs to Look for When Choosing a Server

You’ve been tasked with finding a hosting solution for your project. Typically, you’re looking for a way to get a website online. But, there are other reasons why you would need access to a server. Maybe you’re running proprietary software or a web app. Maybe you’re an avid online gamer who wants to set up a server for dedicated multiplayer. There are many reasons beyond having a website that a person would be interested in signing up for a hosting plan. Regardless of the reason you’re shopping around for a host, it’s important to know what your specific needs are.

 

Whether you opt for a VPS or a dedicated server, it’s important to look at the specs on the hardware. While there are certainly tiers when it comes to overall horsepower of a hosting solution, each specific category will have its own specs to peruse. Yes, a VPS is faster than shared hosting and dedicated servers are the fastest of all, but you can get dedicated servers at higher and lower relative speeds.

 

At the end of the day, servers are computers just like the ones you use at home or at work. They have the same components with the same functionality. However, the specs you’d look for when building your own gaming PC differ from the specs you need for a server. It’s not an exact match. You’ll notice pretty significant capacity differences that you wouldn’t even dream of using on a home machine. That’s because performing a task like hosting a website is significantly different than running an entire operating system with an assortment of applications and sufficient space for storing all of your data.

 

Let’s do a virtual tear down of server hardware and examine the major specifications prospective customers should take note of when looking to sign up for a hosting plan.

 

CPU

 

Just like when shopping for personal computers, it’s important to start with the processor since it’s “the brain” of the machine. There are two main manufacturers of processors that you’ll find in nearly every machine: Intel and AMD. Some simpler devices like netbooks use ARM processors, but they haven’t really been adopted for server technology due to their overall low power. Some servers have attempted to use them but the market seems to be highly niche, if not fading away.

 

The two major players have their supporters and detractors. In discussions of PCs this is much more pronounced because there are positives and negatives to both, especially when it comes to high-performance systems and wanting to control costs. With servers, however, it’s generally accepted that Intel is the way to go. This is because, from a performance standpoint, Intel is faster. Intel processors have quicker read and write speeds from memory on a per-core basis. Many of the offerings you see will advertise sixteen cores.

 

When you get to dedicated servers, you’ll begin to see processor choices that more closely resemble the processors you’d find in a high-performance home machine. Most will be familiar with Intel’s i7 processor which is generally considered the top tier for the typical consumer machine. Beyond that is their Xeon line which you’ll find in the most specialized machines designed for maximum performance.

 

Most people shopping for hosting won’t have to worry too much about the processor if they’re only looking to host a website because they’ll be opting for a VPS and won’t need that kind of CPU power. Taxing use cases like heavy software will probably benefit from a dedicated server with at least an i7.

 

RAM

 

If the processor is the brain, the RAM dictates how many different processes the brain can juggle at the same time. It is memory, after all. Choosing the appropriate RAM for your server is when you’ll notice a fairly big difference in comparison to shopping for RAM for a personal computer. While most people will tell you four gigabytes of RAM is the absolute minimum a desktop or laptop should have (and realistically, it’s more like eight gigabytes these days) the same doesn’t hold true for your server.

 

The bare minimum your hosting solution would need is about 512 megabytes but realistically you want to opt for one gigabyte or more. A standard VPS plan starts at the one gigabyte mark and would be fine for simple sites with average levels of traffic. Also keep in mind here that you are using a portion of a machine rather than a whole machine. You’ll notice this difference when you start shopping for dedicated servers and see they start with sixteen gigabytes of RAM.

 

Multiple factors go into having to figure out how much RAM you need. While a definitive calculation is difficult to make, you of course want to opt for more if you can afford it. Here are some variables you’ll want to be aware of.

 

Traffic: The higher the anticipated traffic, the more RAM you’ll need to keep up with demand.

Content Management System: Popular CMSes like WordPress and Drupal need at least one gigabyte of RAM, though two certainly wouldn’t hurt.

Control panels: Software like cPanel will count towards what uses up your alloted RAM.

Scripting languages and databases: Running PHP (like in WordPress) and SQL databases will require higher amounts of RAM.

Applications: Just like on any computer, the more applications running simultaneously on the device, the more RAM needed to keep them working.

 

Storage

 

Finally, let’s look at storage. Like with your own machine, you have a choice between standard hard drives and SSDs. A managed SSD VPS is often a popular choice because you’re getting a significant speed boost by using an SSD. Solid state drives have a few advantages over their spinning hard drive counterparts. For the purpose of a server though, the speed boost is your primary concern. Aspects like greater durability are nice, but that’s really your hosting company’s concern.

 

As for how much storage you need, the answer might surprise you. If you see a plan that offers thirty gigabytes of space, you might be taken aback. Your smartphone has more storage than that. But, you can’t think of hosting like a personal device. If you’re hosting a simple site, all that’s taking up space are text files and visual assets. They don’t add up to much at all. Now, if you’re hosting your email on your server too, you’ll quickly run out of space.

 

Essentially, you need to be aware of what you actually need to keep on your server. Does your site require huge databases? Will you be hosting multimedia? Taking an inventory of your assets before launch will save you a headache down the road.

 

Conclusion

 

We’ve broken down the major components of what makes a server run. However, every situation is unique and you may need more guidance on what monthly plan, exactly, would best suit your needs. You may still be on the fence between a VPS or dedicated server. Would an SSD really be necessary? If you still have questions about what server to choose or you’re ready to get started setting your hosting environment up, contact the team at KnownHost today.  Our experienced staff is always here to help.

Read More

4 Reasons Why Shared Hosting is Like Fast Food

Everyone wants a great deal. Getting as low a price as possible, within reason, is essential to power your business with a shoestring budget. It’s easy to have a feeling with a business that the cheap solution is necessarily the best – you’re treating the challenge pragmatically, with as little investment as possible. Plus, the most affordable option is often the most widely available, since everyone wants to control their costs.

 

When we need hosting, as with any other business service, we want to quickly get the plan without any hassle. In wanting to check “get hosting” off our list and keep moving forward, it’s easy to set aside the health of our site. It’s a similar challenge to driving along and needing a bite to eat. The highly processed choices of fast food chains are available immediately, right on the side of the road. We can get a meal quickly, and we know it won’t cost us much. However, we know the health benefits can be devastating.

 

Steve Woody of Online Mastery suggests that shared hosting is digital junk food for your online presence. He says he feels that many people are not being cautious when it comes to the infrastructure they use to back their sites. Understandably, people who used shared hosting for their businesses are “[t]rying to increase the bottom-line and reduce cash-flow,” he says, adding that “[i]t’s easy to play naive and deal with the consequences later.”

 

Here are four reasons why it’s a good idea to go another route than shared hosting:

 

Reason #1 – You are expendable.

 

Want to be treated like a king? Unfortunately, you won’t get VIP treatment as a fast food or shared hosting customer. Shared hosting companies make money off their volume of customers – so they could really care less about whether one account stays or goes.

 

With a shared account, “there is only so far a host will ‘bend over backwards’ for you,” explains Jonathan Bailey of Bloggingpro. “If you want a host that is willing to do more for you and work with you more, you need to consider spending more money.”

 

Reason #2 – The information is misleading.

 

Shared hosting may be sold as if it is designed for smart and healthy business growth. However, like fast food, the hosting companies that focus on shared hosting are simply trying to cut costs and sell as many of plans as they can. Does the burger you eat ever look like the one in the picture? Similarly, your shared plan might not live up to the way it’s sold. One example of unreasonable shared hosting expectations is the notion of unlimited resources, which is protected with “fair use” clauses in fine print.

 

Reason #3 – Performance.

 

A shared server cuts costs for all businesses by allowing numerous people to share the same resources. It would probably annoy you to be reliant on the same cellular data plan that is being used by all the other people on your block, but that is essentially the idea with shared hosting.

 

What if you suddenly need a huge amount of resources? Think about that issue of scalability. “If one website is taking up too many resources these servers have a failsafe and the website gets shut down to prevent others from being affected,” says Woody.

 

How is this like fast food? Well, fast food is intended, like other food, to provide you with energy. However, it may be likelier that a low-nutrition meal filled with additives will leave you with symptoms of anxiety and chronic fatigue syndrome. Don’t feed your site so many French fries and chalupas that it can’t get up off the couch.

 

Reason #4 – Security.

 

Security should really be viewed as a necessary priority in an era of increased hacking and open sourcing of DDoS botnet code. You may think you don’t need to worry about hacking until you grow more. However, it’s important to know how vulnerable a site of a small business is if it does get compromised: 3 in 5 small businesses are bankrupt six months following a hack.

 

A shared server does not have the kind of distinction, separation of data, that any business should really want. It’s not a particularly careful way to host sites. What if a malicious threat such as E. coli comes along and wants to enjoy your site? Don’t let your site get food poisoning from shared hosting.

 

Why Shared Hosting is Dangerous – Exploration of Attack Steps

 

My point in this article is of course not simply to draw this parallel with fast food. It’s to suggest that shared hosting is not the right choice just because it’s simple. Like the perils of eating the wrong types of food are best explained by looking at specific issues, as explored in Fast Food Nation or Super Size Me, it helps to look in a granular way at shared exploits to understand why these servers present a weak front.

 

The InfoSec Institute looks at the shared server from the perspective of the process through which someone might compromise a site. Here are the basic stages through which a hacker might go after your site:

 

Reverse IP lookup

 

Before a hacker actually goes after your site, they will perform what’s called reconnaissance. In this manner, you can see what domains are on the shared server.

To see all the sites that are running on your server, you can use various methods, including search engines, the Linux dig command, or a free service such as YouGetSignal.

 

Server CMS enumeration

 

The next step for an attacker is often to find sites with certain types of content management system (CMS), such as WordPress. A CMS is a standard point of entry for cybercrime.

 

To understand the typical path of an attack, you want a list of the sites that are using a certain CMS. You can get a list very easily – the platforms place their name and version information in the source code.

 

You (or a hacker) can actually just build the IP and CMS lookup into a script if you want.

 

Waging a CMS attack

 

Once you have a list of sites running a CMS, you can divide it up into ones that are running WordPress, Joomla, Drupal, etc.

 

You can use a vulnerability scanner to check for weakness on any CMS installation. Another place to get information is exploits that are on file at services such as Exploit Database.

 

The vulnerability scanner will quickly give you basic details that would be helpful in attacking the site. For instance, let’s look at the use of one for WordPress, WPScan. WPScan brings up the following information:

 

  • Active plugins
  • Active themes
  • Any detected TimThumbs (a known security issue)
  • List of usernames.

 

Note that one key way an admin panel is beaten is through brute force, leveraging the fact that many websites don’t use complex passwords. This method could use a list of the most popular passwords. You can even brute-force using WPScan if the login page doesn’t have a captcha in place.

 

“Based on the strength of your wordlist there is a high probability that the passwords of wordpress admin accounts will be cracked successfully,” notes the InfoSec Institute report.

 

*****

 

The above issues with shared hosting are disconcerting – especially since it’s clear that the security protection is insufficient for businesses. Luckily a shared server is not the only option on the market.

 

Do you want to drive by the fast food options and get hosting that will instead improve the strength and vitality of your business? At KnownHost, our high-quality managed VPS hosting plans offer fast servers and a 99.9% uptime guarantee at great prices. Compare plans.

Read More

Basic Security Features of Your New Site You Need to Know

Security on the web has been a huge topic of conversation for the past several months, if not years, though our last election cycle has seemed to really spotlight it for the general population. More people than ever have been exposed to a conversation that business owners and IT professionals have been engaged in for years which is trying to find the best ways to protect sensitive data from malicious attackers. The security of your customers and visitors is also of the highest importance. So, what do you need to know to get your new site up to speed as far as standard security protocols?

 

There are a few settings and features to be aware of as you explore the backend environment of your new VPS in an effort to bolster your security. This is a good point to throw in some caveats when we talk about the security of any website. There are no guarantees. Hacking attempts continually get more sophisticated and things can happen despite one’s due diligence. What the following is meant to do is to inform you of some best practices that will help keep your site more secure, but is it in no way a definitive guarantee that nothing will happen to your site if you do “X” things. Taking preventative steps is better than taking no action, of course, so use this information to your advantage.

 

Once you’ve logged into the hosting environment of your VPS, here are some things to keep an eye out for.

 

CSF/LFD

 

The good news about a lot of the terms and acronyms that are going to be coming your way is that they refer to things that are (or should be) already installed on your server. If they’re not, you can contact customer service to get it remedied. So, you won’t have to worry too much about making sure all of these things are in place yourself. Let’s start with CSF and LFD.

 

ConfigServer Security & Firewall (CSF) with Login Failure Daemon (LFD) is a security application that can be accessed through cPanel, which will already be established for you when you log in. CSF/LFD does a few things. It is a Stateful Packet Inspection (SFI) firewall and login and intrusion detector. CSF/LFD sends notifications in the event that something with some importance is potentially happening. That’s to say, getting an alert doesn’t mean you’re in the midst of an attack. But, something worth your attention is occurring.

 

LFD has a variety of useful features built into it that we’ll touch on briefly here. You can read more about these features and examples of the kinds of notifications you’ll receive at our wiki.

 

LFD will automatically perform IP blocks based on reasons that can be configured by the user. By default, you receive notifications each time an IP is blocked. Whether or not you want to disable this is up to you. Depending on your traffic and your filters, you might be getting alerted to things constantly, which would be a distraction. Make sure you’re confident in your configurations before doing this.

 

LFD “keeps an eye out” for things like too many failed login attempts within a short period of time, too many connection attempts being made from a single IP address, certain email issues as they pertain to volume, and successful login attempts through a variety of methods including cPanel or SSH.

 

SSL

 

Secure Sockets Layer (SSL) is maybe a bit more familiar to people because of its general acceptance as a must have for many sites, especially e-commerce sites where you’re handling sensitive customer information.

 

To explain the technology in brief, having an SSL certificate is important because it signifies you’ve put certain protections in place to ensure the safety of your customers’ information. SSL encrypts the path between the server and the client. When customers type in their credit card information to make a purchase on your site, for example, that information is transmitted securely thanks to encryption instead of the plain text it is transmitted as without SSL. Because one method of stealing information is intercepting it as it is transmitted, SSL is more or less a must have these days.

 

You’ll have to install your SSL through cPanel. To do this, you’ll need to generate a Certificate Signing Request (CSR) in cPanel which you can do by following our guide. The signing authority you purchase your SSL from will need that CSR to complete your certificate. You can then install the signed SSL certificate through cPanel. You can typically tell if a site has an SSL right from the address bar in your browser. There may be a lock next to the URL to indicate security, or you can look for https:// to precede the site’s address. The key detail there is the S as the unsecured http:// delineates no SSL. If you’re unsure that your SSL has been installed, there are sites online where you can type in your domain name and it’ll tell you.

 

User Decisions

 

Moving along from server issues to issues that are more user based, it’s important to be smart with your content management system (if you’re using one) as well. Popular CMSes like WordPress often find themselves targets of malicious actors because of how widely used they are. It’s important to do your due diligence and ensure that you are regularly updating your CMS’ core software as updates are released. The nature of open source software is such that updates come out frequently because the user base is always inspecting the code. Vulnerabilities can also come from that same public knowledge of the code. It’s important to be on top of those updates because they almost always include security and bug fixes. This need for vigilant updates also applies to plugins, extensions, and whatever other additional modules that your CMS allows you to install to expand functionality.

 

Additionally, if you have multiple users with access to your site, be sure to restrict access to the bare minimum so that they can perform their job. The fewer people that have full administrator access, the better. Passwords should also be complex, a random assortment of characters greater than ten, and not a duplicate of any other password you use for any other service. Password breaches are still one of the most common methods of unauthorized entry to a site. Most of the time it’s because the user was either phished or the password was something relatively easy to guess.

 

Finally, backups are critical. Your host may perform backups for you, but you should still manually save things yourself on a local drive whenever possible just to be doubly sure you always have your information in the event of something going wrong. As a best practice, one backup of something is never enough.

 

Conclusion

 

At KnownHost, we value customer satisfaction. That’s why we want to set you up for success. Whether it’s needing faster hosting solutions than you’re already using, you have questions about security, or you’re looking to establish a web hosting reseller business, we’re available to help. Contact our team today and we’ll get you setup with the hosting that you need.

Read More

Why Your Content Management System Could Dictate What Kind of Server You Need

In some ways, a website is like a car. There are many moving parts that make the entire thing work. Similarly to diagnosing car trouble, there are many different variables to investigate when trying to determine why your website may not be performing up to par. What’s with the slowdown? Why is the site taking so long to load? Questions like that cause site owners to drill down into their analytics and see what, exactly, are the implications of these noticeable issues. Typically, you’ll note things like higher bounce rates, drops in conversions, and a general tapering off of visitors as they make their way through the pipeline you’ve designed.

 

So, what gives? Which of the moving parts is keeping this car off the road? It’s hard to give broad answers because of the many different possible causes. But, because we talk about hosting here, we’re going to investigate how two critical choices you make when creating your site can interact in a way that gives your site less than optimal performance.

 

Two big contributors to overall site performance are your content management system and the hardware you choose for your hosting. Many factors go into the need for upgrading your hosting to a VPS or dedicated server. Things like traffic volume play a big part, but your content management system can dictate what kind of server you need as well. Let’s break it down.

 

Content Management System

 

Your content management system, or CMS as it’s more commonly written out as, is the “behind the scenes” portion of your site. It’s the place you login to to make changes to the content of your site. Copy, images, and even a lot of the functionality of a site will be controlled through here. This is not to be confused with cPanel, which is even further behind the scenes and where the user can do things like actually install the CMS onto the server.

 

CMS choices come in a variety of flavors. Many of the most popular ones are open source software which cost nothing and can be modified to the end user’s liking. Depending on your individual needs, some of the more popular content management systems include Drupal, Joomla, Magento (with Magento 2 now seeing wide release), and WordPress. WordPress is probably the CMS that you’re most used to, even if you don’t know it. That’s because about a quarter of all the websites on the internet are powered by WordPress. It’s pretty crazy when you think about it. There’s a good chance the website you’re looking to launch will be powered by WordPress due to its popularity and relative ease of use.

 

WordPress is formidable in nearly any use case. While it may be generally looked upon as a blogging platform, its capabilities go far beyond that. With popular plugins like WooCommerce, you can operate an ecommerce site. If you’ve got some fairly decent PHP chops, you can even hack WordPress to operate as a simple social networking site or company intranet.

 

But these tasks (and the WordPress installation itself) can be “heavy.” That is, WordPress can be burdensome when it comes to resource requirements. Which is where your server comes in.

 

Hosting Solutions

 

Everyone knows the allure of shared hosting plans. They’re cheap, easy enough to get started, and they get your site online. But there are quire a few reasons why shared hosting isn’t a viable option for a professional site with a CMS. For one thing, shared hosting isn’t as secure as options like a VPS or dedicated server due to the fact you’re sharing not only a machine but resources with other sites. If one site gets compromised, there is a route that can be exploited into yours. Any sensitive information you have may be exposed. But beyond the security aspect of it, there is the performance aspect.

 

WordPress, to say nothing of a really resource hungry CMS like Magento, doesn’t perform at its best on shared hosting because it requires a bit more horsepower to load quickly. If you’re a web developer, you probably use a lot of different browsers for testing. WordPress is a lot like Google Chrome. It’s the most popular and it has awesome features, but it’ll eat up RAM and battery at a faster pace than the competition.

 

Since shared hosting won’t cut it, you’ll need to decide if a VPS or dedicated server is right for you. In most cases, a VPS will do the trick. It has the CPU speed and RAM required to power most sites and handle a reasonable amount of traffic. The only sites that would really benefit from going all in on a dedicated server is a site that’s getting significant traffic at all hours of the day. Think huge ecommerce stores or content delivery sites like the Huffington Post.

 

Why Your Server Matters

 

Pairing the right CMS for the job with the right server will be what helps make sure your site performs properly. Site speeds and load time are very important to conversion rates. There are many different metrics you can look at that prove the point. Essentially, what you need to know is that the major ecommerce sites have an average loading time of ten seconds, when the ideal is actually three. Every second counts. A one second improvement can improve conversions by up to 7%. Compound that annually based on your sales and you can see that it’s a sizable sum.

 

The reason why your CMS can add to your load times is that the functionality all has to process in the browser when a visitor calls up your site. The complexity of the PHP scripting can add on to the load time. Themes have to populate. With WordPress in particular, the number of plugins you’re running can slow down your load time. While each plugin maybe adds a fraction of a second to the total load time, if you’re relying on a wide variety of plugins for functionality, those fractions quickly add up. And if a single second does indeed impact sales to such an extent, you see why offsetting all the backend processes of your site with a powerful server is the way to go.

 

No matter what CMS you ultimately land on, most of the major players aren’t what one would consider lightweight. And since many rely on the plugin/addon model for functionality, you want a hosting solution that’ll be able to process everything quickly enough so that all of your visitors can have a fast experience whether they’re coming to your site during peak traffic time or not.

 

Conclusion

 

Your website needs the right hosting solution to ensure its performing at its best. Are you currently with another host and you’re contemplating shopping around because you’re tired of losing out on money due to a poor performing site? Whether you’re looking for a new host or you’re looking to get a brand new online business off the ground, the team at KnownHost is here to help. We have the hosting solutions you need so you can set yourself up for success. Contact us today and we’ll walk you through your options and get you set up with the VPS or dedicated server you need for your site.

Read More