Understanding VPS Hosting

12 Facts You Need to Know to Understand VPS Hosting

To understand VPS hosting, you basically need to know what hosting is and what a virtual private server (VPS) is. This piece briefly explores both of those topics as a series of facts.

 

#1. Web hosting gives companies the servers they need to get online.

 

Web hosting is the service of providing Internet-related infrastructural plans to businesses and others. Organizations that do not have their own datacenters, want to move quickly to get started on a project, or do not want to manage servers themselves will use a web host for server space, file maintenance, and online services.

 

#2. Web hosting is split into three major categories.

 

Web hosting is, generally, also sometimes called website hosting or simply hosting. However, people will talk about hosting in terms of the individual category – the major ones of which are:

 

shared hosting: many accounts on one physical machine with a single operating system and unguaranteed resources. (lowest cost)

 

VPS hosting: a smaller number of accounts per machine, each of which has their own operating system and guaranteed resources. (slightly higher cost than shared)

 

dedicated hosting: one account per machine. (significantly higher cost than shared)

 

Related specifically to our topic of VPS, as you can see above, VPS hosting is fundamentally an effort to find “the best of both worlds” – the middle-ground between the flexibility and power of dedicated hosting and the affordability of shared hosting.

 

#3. Many people come to web hosting companies for speed.

Often, companies use web hosting providers for access to their fast web connections. If an organization were to host its own servers, it would be costly to get access to similarly strong data networks. Basically, the business that buys hosting services is leveraging the shared cost of a speedy Internet connection to store and serve its files both internally and externally.

 

#4. Web hosting is an industry that was originally created by the Internet.

 

When the Internet first became publicly available as a mass-market service (the early 1990s), those who were interested in creating websites had to have their own servers. Since servers are costly, and the maintenance of them can be highly technical, there was a potential business need for web hosting. However, the first step was to build servers and create web hosting packages that would meet the needs of many users at the lowest possible cost.

 

#5. Web hosting became prominent for meeting a common business need.

 

Web hosting grew as a business when it became clear that (unsurprising to us now) not everyone wants to host a server themselves. The basic business idea, in the early days, was that it would be a good business to buy servers and rent out the resources of them at a reduced cost to customers that want to run a website – regardless of (and, in a manner, completely irrelevant and separate from) the technical aspects related to hardware.

 

#6. Web hosting demand was minuscule in the beginning, and key statistics show us why it has grown exponentially.

 

Demand was initially not high for web hosting for three basic reasons:

  •  * the amount of people online was low;
  •  * web hosting was an emergent field that was below the surface of public awareness (“farther below,” really, since many people are still unfamiliar with the field); and
  •  * web hosting was costlier because there was less competition.

These figures from The Next Web give us an immediate sense of how mammoth the Internet really is now in size. In turn, these numbers, from January 2017, tell us why web hosting companies have become of ever-increasing use to business. [source]

  •  * There are 7.476 billion people on the planet (with 54% of us in urban settings).
  •  * The total population of Internet users worldwide is 3.773 billion, a 50% penetration of the possible market (so, in a way, it’s only half as ubiquitous as it seems globally).
  •  * Active social media users are a smaller population – at 2.789 billion people, that’s “merely” 37% of everyone in the world.
  •  * Interestingly, the number of mobile users, at 4.917 billion, is higher than the number of Web users.

 

#7. The business world was revolutionized by web hosting.

 

Everyone talks about the disruption of the Internet. That digital disruption that has changed our lives in so many ways for the better would not have been possible without web hosting – which supplied the convenience to allow businesses to get online in a structured and trusted manner. The changes were really business-wide and impacted almost every industry.

 

Specifically, a major aspect of that disruption was in marketing. Marketers had to completely change their approach as websites became increasingly critical platforms for the branding of businesses. What used to be print became digital – following the same basic pattern of magazines and newspapers.

 

#8. A virtual private server (VPS) gives hosting customers greater control.

 

A VPS is a virtual server that is experienced as its own server and has its own unique operating system (OS). For better costs than dedicated hosting, while still offering a significant technological upgrade from shared hosting, a hosting company divides one physical server into guaranteed sets of resources for a number of different VPS hosting customers.

 

Typically this scenario is described as a virtual private server (VPS). However, the term virtual dedicated server (VDS) is also sometimes used.

 

#9. A VPS is a similar concept to having your own private computer.

 

A virtual private server is fundamentally about separation. It takes the form of a virtual machine to meet the needs of each individual hosting customer just as an independent PC can be dedicated for use by a single person. This type of server gives a business the same capabilities (including full root access from some providers) as a dedicated server, with several VPS machines, all with separate operating systems, running on the same machine or set of machines.

 

#10. A VPS gives a user much greater freedom than they’d have with shared hosting.

 

A VPS will usually include basic components such as web server and mail server programs; file transfer protocol (FTP) software; and possibly additional applications for e-commerce, blogging, and other core features. Since a virtual private server has its own operating system, the customer takes on the role of a super-user of the OS. In turn, they are able to install whatever software they choose that can run on that particular OS (typically a Linux distribution).

 

#11. VPS plan management creates a major distinction.

 

As virtualization technology has progressed, companies are now able to provide VPS hosting affordably. One of the most important features of VPS plans is the determination of the responsible party to manage the server. In an unmanaged setting, the user bears the responsibility to manage and monitor the server. In a managed VPS hosting setting, the hosting company is responsible.

 

#12. Virtual private servers are of use to small and large companies.

 

A typical example scenario in which a VPS is useful is when a startup or other small business wants to create and run a site but does not want to have to make an investment in a dedicated server. However, an enterprise might use VPS hosting as well. The VPS setup is helpful in those cases because it allows one user to control various servers; one might be designated for the production-level website and another for a sandbox server (so that a false version of the site can be used for testing updates, changes, and new software or plugins).

 

*****

 

Hopefully, the above facts are helpful in understanding web hosting, the virtual private server, and VPS hosting. Do you think a VPS might be right for your business? At KnownHost, you are scalable on demand, without any downtime: no migration of files or databases are required, and there are no changes in your settings. Compare plans.

Read More

Tear Down: The Specs to Look for When Choosing a Server

You’ve been tasked with finding a hosting solution for your project. Typically, you’re looking for a way to get a website online. But, there are other reasons why you would need access to a server. Maybe you’re running proprietary software or a web app. Maybe you’re an avid online gamer who wants to set up a server for dedicated multiplayer. There are many reasons beyond having a website that a person would be interested in signing up for a hosting plan. Regardless of the reason you’re shopping around for a host, it’s important to know what your specific needs are.

 

Whether you opt for a VPS or a dedicated server, it’s important to look at the specs on the hardware. While there are certainly tiers when it comes to overall horsepower of a hosting solution, each specific category will have its own specs to peruse. Yes, a VPS is faster than shared hosting and dedicated servers are the fastest of all, but you can get dedicated servers at higher and lower relative speeds.

 

At the end of the day, servers are computers just like the ones you use at home or at work. They have the same components with the same functionality. However, the specs you’d look for when building your own gaming PC differ from the specs you need for a server. It’s not an exact match. You’ll notice pretty significant capacity differences that you wouldn’t even dream of using on a home machine. That’s because performing a task like hosting a website is significantly different than running an entire operating system with an assortment of applications and sufficient space for storing all of your data.

 

Let’s do a virtual tear down of server hardware and examine the major specifications prospective customers should take note of when looking to sign up for a hosting plan.

 

CPU

 

Just like when shopping for personal computers, it’s important to start with the processor since it’s “the brain” of the machine. There are two main manufacturers of processors that you’ll find in nearly every machine: Intel and AMD. Some simpler devices like netbooks use ARM processors, but they haven’t really been adopted for server technology due to their overall low power. Some servers have attempted to use them but the market seems to be highly niche, if not fading away.

 

The two major players have their supporters and detractors. In discussions of PCs this is much more pronounced because there are positives and negatives to both, especially when it comes to high-performance systems and wanting to control costs. With servers, however, it’s generally accepted that Intel is the way to go. This is because, from a performance standpoint, Intel is faster. Intel processors have quicker read and write speeds from memory on a per-core basis. Many of the offerings you see will advertise sixteen cores.

 

When you get to dedicated servers, you’ll begin to see processor choices that more closely resemble the processors you’d find in a high-performance home machine. Most will be familiar with Intel’s i7 processor which is generally considered the top tier for the typical consumer machine. Beyond that is their Xeon line which you’ll find in the most specialized machines designed for maximum performance.

 

Most people shopping for hosting won’t have to worry too much about the processor if they’re only looking to host a website because they’ll be opting for a VPS and won’t need that kind of CPU power. Taxing use cases like heavy software will probably benefit from a dedicated server with at least an i7.

 

RAM

 

If the processor is the brain, the RAM dictates how many different processes the brain can juggle at the same time. It is memory, after all. Choosing the appropriate RAM for your server is when you’ll notice a fairly big difference in comparison to shopping for RAM for a personal computer. While most people will tell you four gigabytes of RAM is the absolute minimum a desktop or laptop should have (and realistically, it’s more like eight gigabytes these days) the same doesn’t hold true for your server.

 

The bare minimum your hosting solution would need is about 512 megabytes but realistically you want to opt for one gigabyte or more. A standard VPS plan starts at the one gigabyte mark and would be fine for simple sites with average levels of traffic. Also keep in mind here that you are using a portion of a machine rather than a whole machine. You’ll notice this difference when you start shopping for dedicated servers and see they start with sixteen gigabytes of RAM.

 

Multiple factors go into having to figure out how much RAM you need. While a definitive calculation is difficult to make, you of course want to opt for more if you can afford it. Here are some variables you’ll want to be aware of.

 

Traffic: The higher the anticipated traffic, the more RAM you’ll need to keep up with demand.

Content Management System: Popular CMSes like WordPress and Drupal need at least one gigabyte of RAM, though two certainly wouldn’t hurt.

Control panels: Software like cPanel will count towards what uses up your alloted RAM.

Scripting languages and databases: Running PHP (like in WordPress) and SQL databases will require higher amounts of RAM.

Applications: Just like on any computer, the more applications running simultaneously on the device, the more RAM needed to keep them working.

 

Storage

 

Finally, let’s look at storage. Like with your own machine, you have a choice between standard hard drives and SSDs. A managed SSD VPS is often a popular choice because you’re getting a significant speed boost by using an SSD. Solid state drives have a few advantages over their spinning hard drive counterparts. For the purpose of a server though, the speed boost is your primary concern. Aspects like greater durability are nice, but that’s really your hosting company’s concern.

 

As for how much storage you need, the answer might surprise you. If you see a plan that offers thirty gigabytes of space, you might be taken aback. Your smartphone has more storage than that. But, you can’t think of hosting like a personal device. If you’re hosting a simple site, all that’s taking up space are text files and visual assets. They don’t add up to much at all. Now, if you’re hosting your email on your server too, you’ll quickly run out of space.

 

Essentially, you need to be aware of what you actually need to keep on your server. Does your site require huge databases? Will you be hosting multimedia? Taking an inventory of your assets before launch will save you a headache down the road.

 

Conclusion

 

We’ve broken down the major components of what makes a server run. However, every situation is unique and you may need more guidance on what monthly plan, exactly, would best suit your needs. You may still be on the fence between a VPS or dedicated server. Would an SSD really be necessary? If you still have questions about what server to choose or you’re ready to get started setting your hosting environment up, contact the team at KnownHost today.  Our experienced staff is always here to help.

Read More

4 Reasons Why Shared Hosting is Like Fast Food

Everyone wants a great deal. Getting as low a price as possible, within reason, is essential to power your business with a shoestring budget. It’s easy to have a feeling with a business that the cheap solution is necessarily the best – you’re treating the challenge pragmatically, with as little investment as possible. Plus, the most affordable option is often the most widely available, since everyone wants to control their costs.

 

When we need hosting, as with any other business service, we want to quickly get the plan without any hassle. In wanting to check “get hosting” off our list and keep moving forward, it’s easy to set aside the health of our site. It’s a similar challenge to driving along and needing a bite to eat. The highly processed choices of fast food chains are available immediately, right on the side of the road. We can get a meal quickly, and we know it won’t cost us much. However, we know the health benefits can be devastating.

 

Steve Woody of Online Mastery suggests that shared hosting is digital junk food for your online presence. He says he feels that many people are not being cautious when it comes to the infrastructure they use to back their sites. Understandably, people who used shared hosting for their businesses are “[t]rying to increase the bottom-line and reduce cash-flow,” he says, adding that “[i]t’s easy to play naive and deal with the consequences later.”

 

Here are four reasons why it’s a good idea to go another route than shared hosting:

 

Reason #1 – You are expendable.

 

Want to be treated like a king? Unfortunately, you won’t get VIP treatment as a fast food or shared hosting customer. Shared hosting companies make money off their volume of customers – so they could really care less about whether one account stays or goes.

 

With a shared account, “there is only so far a host will ‘bend over backwards’ for you,” explains Jonathan Bailey of Bloggingpro. “If you want a host that is willing to do more for you and work with you more, you need to consider spending more money.”

 

Reason #2 – The information is misleading.

 

Shared hosting may be sold as if it is designed for smart and healthy business growth. However, like fast food, the hosting companies that focus on shared hosting are simply trying to cut costs and sell as many of plans as they can. Does the burger you eat ever look like the one in the picture? Similarly, your shared plan might not live up to the way it’s sold. One example of unreasonable shared hosting expectations is the notion of unlimited resources, which is protected with “fair use” clauses in fine print.

 

Reason #3 – Performance.

 

A shared server cuts costs for all businesses by allowing numerous people to share the same resources. It would probably annoy you to be reliant on the same cellular data plan that is being used by all the other people on your block, but that is essentially the idea with shared hosting.

 

What if you suddenly need a huge amount of resources? Think about that issue of scalability. “If one website is taking up too many resources these servers have a failsafe and the website gets shut down to prevent others from being affected,” says Woody.

 

How is this like fast food? Well, fast food is intended, like other food, to provide you with energy. However, it may be likelier that a low-nutrition meal filled with additives will leave you with symptoms of anxiety and chronic fatigue syndrome. Don’t feed your site so many French fries and chalupas that it can’t get up off the couch.

 

Reason #4 – Security.

 

Security should really be viewed as a necessary priority in an era of increased hacking and open sourcing of DDoS botnet code. You may think you don’t need to worry about hacking until you grow more. However, it’s important to know how vulnerable a site of a small business is if it does get compromised: 3 in 5 small businesses are bankrupt six months following a hack.

 

A shared server does not have the kind of distinction, separation of data, that any business should really want. It’s not a particularly careful way to host sites. What if a malicious threat such as E. coli comes along and wants to enjoy your site? Don’t let your site get food poisoning from shared hosting.

 

Why Shared Hosting is Dangerous – Exploration of Attack Steps

 

My point in this article is of course not simply to draw this parallel with fast food. It’s to suggest that shared hosting is not the right choice just because it’s simple. Like the perils of eating the wrong types of food are best explained by looking at specific issues, as explored in Fast Food Nation or Super Size Me, it helps to look in a granular way at shared exploits to understand why these servers present a weak front.

 

The InfoSec Institute looks at the shared server from the perspective of the process through which someone might compromise a site. Here are the basic stages through which a hacker might go after your site:

 

Reverse IP lookup

 

Before a hacker actually goes after your site, they will perform what’s called reconnaissance. In this manner, you can see what domains are on the shared server.

To see all the sites that are running on your server, you can use various methods, including search engines, the Linux dig command, or a free service such as YouGetSignal.

 

Server CMS enumeration

 

The next step for an attacker is often to find sites with certain types of content management system (CMS), such as WordPress. A CMS is a standard point of entry for cybercrime.

 

To understand the typical path of an attack, you want a list of the sites that are using a certain CMS. You can get a list very easily – the platforms place their name and version information in the source code.

 

You (or a hacker) can actually just build the IP and CMS lookup into a script if you want.

 

Waging a CMS attack

 

Once you have a list of sites running a CMS, you can divide it up into ones that are running WordPress, Joomla, Drupal, etc.

 

You can use a vulnerability scanner to check for weakness on any CMS installation. Another place to get information is exploits that are on file at services such as Exploit Database.

 

The vulnerability scanner will quickly give you basic details that would be helpful in attacking the site. For instance, let’s look at the use of one for WordPress, WPScan. WPScan brings up the following information:

 

  • Active plugins
  • Active themes
  • Any detected TimThumbs (a known security issue)
  • List of usernames.

 

Note that one key way an admin panel is beaten is through brute force, leveraging the fact that many websites don’t use complex passwords. This method could use a list of the most popular passwords. You can even brute-force using WPScan if the login page doesn’t have a captcha in place.

 

“Based on the strength of your wordlist there is a high probability that the passwords of wordpress admin accounts will be cracked successfully,” notes the InfoSec Institute report.

 

*****

 

The above issues with shared hosting are disconcerting – especially since it’s clear that the security protection is insufficient for businesses. Luckily a shared server is not the only option on the market.

 

Do you want to drive by the fast food options and get hosting that will instead improve the strength and vitality of your business? At KnownHost, our high-quality managed VPS hosting plans offer fast servers and a 99.9% uptime guarantee at great prices. Compare plans.

Read More

Basic Security Features of Your New Site You Need to Know

Security on the web has been a huge topic of conversation for the past several months, if not years, though our last election cycle has seemed to really spotlight it for the general population. More people than ever have been exposed to a conversation that business owners and IT professionals have been engaged in for years which is trying to find the best ways to protect sensitive data from malicious attackers. The security of your customers and visitors is also of the highest importance. So, what do you need to know to get your new site up to speed as far as standard security protocols?

 

There are a few settings and features to be aware of as you explore the backend environment of your new VPS in an effort to bolster your security. This is a good point to throw in some caveats when we talk about the security of any website. There are no guarantees. Hacking attempts continually get more sophisticated and things can happen despite one’s due diligence. What the following is meant to do is to inform you of some best practices that will help keep your site more secure, but is it in no way a definitive guarantee that nothing will happen to your site if you do “X” things. Taking preventative steps is better than taking no action, of course, so use this information to your advantage.

 

Once you’ve logged into the hosting environment of your VPS, here are some things to keep an eye out for.

 

CSF/LFD

 

The good news about a lot of the terms and acronyms that are going to be coming your way is that they refer to things that are (or should be) already installed on your server. If they’re not, you can contact customer service to get it remedied. So, you won’t have to worry too much about making sure all of these things are in place yourself. Let’s start with CSF and LFD.

 

ConfigServer Security & Firewall (CSF) with Login Failure Daemon (LFD) is a security application that can be accessed through cPanel, which will already be established for you when you log in. CSF/LFD does a few things. It is a Stateful Packet Inspection (SFI) firewall and login and intrusion detector. CSF/LFD sends notifications in the event that something with some importance is potentially happening. That’s to say, getting an alert doesn’t mean you’re in the midst of an attack. But, something worth your attention is occurring.

 

LFD has a variety of useful features built into it that we’ll touch on briefly here. You can read more about these features and examples of the kinds of notifications you’ll receive at our wiki.

 

LFD will automatically perform IP blocks based on reasons that can be configured by the user. By default, you receive notifications each time an IP is blocked. Whether or not you want to disable this is up to you. Depending on your traffic and your filters, you might be getting alerted to things constantly, which would be a distraction. Make sure you’re confident in your configurations before doing this.

 

LFD “keeps an eye out” for things like too many failed login attempts within a short period of time, too many connection attempts being made from a single IP address, certain email issues as they pertain to volume, and successful login attempts through a variety of methods including cPanel or SSH.

 

SSL

 

Secure Sockets Layer (SSL) is maybe a bit more familiar to people because of its general acceptance as a must have for many sites, especially e-commerce sites where you’re handling sensitive customer information.

 

To explain the technology in brief, having an SSL certificate is important because it signifies you’ve put certain protections in place to ensure the safety of your customers’ information. SSL encrypts the path between the server and the client. When customers type in their credit card information to make a purchase on your site, for example, that information is transmitted securely thanks to encryption instead of the plain text it is transmitted as without SSL. Because one method of stealing information is intercepting it as it is transmitted, SSL is more or less a must have these days.

 

You’ll have to install your SSL through cPanel. To do this, you’ll need to generate a Certificate Signing Request (CSR) in cPanel which you can do by following our guide. The signing authority you purchase your SSL from will need that CSR to complete your certificate. You can then install the signed SSL certificate through cPanel. You can typically tell if a site has an SSL right from the address bar in your browser. There may be a lock next to the URL to indicate security, or you can look for https:// to precede the site’s address. The key detail there is the S as the unsecured http:// delineates no SSL. If you’re unsure that your SSL has been installed, there are sites online where you can type in your domain name and it’ll tell you.

 

User Decisions

 

Moving along from server issues to issues that are more user based, it’s important to be smart with your content management system (if you’re using one) as well. Popular CMSes like WordPress often find themselves targets of malicious actors because of how widely used they are. It’s important to do your due diligence and ensure that you are regularly updating your CMS’ core software as updates are released. The nature of open source software is such that updates come out frequently because the user base is always inspecting the code. Vulnerabilities can also come from that same public knowledge of the code. It’s important to be on top of those updates because they almost always include security and bug fixes. This need for vigilant updates also applies to plugins, extensions, and whatever other additional modules that your CMS allows you to install to expand functionality.

 

Additionally, if you have multiple users with access to your site, be sure to restrict access to the bare minimum so that they can perform their job. The fewer people that have full administrator access, the better. Passwords should also be complex, a random assortment of characters greater than ten, and not a duplicate of any other password you use for any other service. Password breaches are still one of the most common methods of unauthorized entry to a site. Most of the time it’s because the user was either phished or the password was something relatively easy to guess.

 

Finally, backups are critical. Your host may perform backups for you, but you should still manually save things yourself on a local drive whenever possible just to be doubly sure you always have your information in the event of something going wrong. As a best practice, one backup of something is never enough.

 

Conclusion

 

At KnownHost, we value customer satisfaction. That’s why we want to set you up for success. Whether it’s needing faster hosting solutions than you’re already using, you have questions about security, or you’re looking to establish a web hosting reseller business, we’re available to help. Contact our team today and we’ll get you setup with the hosting that you need.

Read More