Virtual Private servers are a way of dividing up a single physical server into hundreds of mini-servers that provide complete separation between individual user accounts on the system. This is in contrast to a shared hosting environment where many users share the same environment and the potential exists for conflicts and hackers to gain access to other accounts on the system. A virtual server is a way to gain many of the benefits of having your own physical server, but without a lot of the added costs.
A virtual server will benefit you in terms of security – you will be completely isolated from other users of the system. You will also benefit in terms of flexibility – because a virtual server is like having your own server and this means you can install anything you like on it. Having your own real server can be costly and difficult to administer – you will need to buy the hardware and keep it running by upgrading and replacing it regularly, you will need to install and configure all of the software as well as keep it up-to-date with the latest security patches. A virtual private server can provide you with all the benefits of having your own server without the associated costs.
First let’s cover the reasons why having a virtual server is good for security.
Back in the days when websites mostly consisted of static web pages and images, hosting on a shared server wasn’t a risk. Since then the web has evolved a lot, we now have dynamic websites with a complex mix of technologies – PHP, Javascript, AJAX, CSS, HTML. Some people term this Web 2.0. These technologies bring many benefits, but with them they also bring security risks. The more complex a system, the more the potential for programming mistakes which result in security holes. Whenever you install a web application, you may be exposing yourself to various unknown security holes in the software.
Since the time of static HTML pages, cyber-criminals have evolved too. Back in the 90s, the cyber-criminals were mostly individuals and small groups of teenagers who hacked to learn about the systems they were breaking into – malware (viruses etc.) was mostly only written to gain hacker ‘cred’. Now cyber-crime has evolved into a multi-million dollar business. Instead of teenagers writing viruses to impress their mates, we now have highly skilled teams of hackers working to infect the unsuspecting internet population’s computers with software which sends out spam, steals credit card numbers or simply displays annoying adverts which earn the perpetrator money – this is the new generation of malware.
This makes your website a targetWhy? Because any website with a significant number of visitors is a prime distribution channel for this malware. These teams of criminals are actively working to gain control of popular websites and use them to distribute their wares, all with the aim of making as much money as possible – this is a strong motivator. If they can, they will use your website to infect your visitors and customers with this software; this could have devastating effects for your customers, and ultimately for your bottom line.
How does a virtual private server protect me from these threats?In a shared hosting environment, there is a very fine line between each account on the system. The potential exists for any user of the system to gain access to any other account, if they can find a suitable security hole. Shared web hosts work very hard to shore up the dividing lines between accounts, but the truth is they’re fighting a losing battle without a completely new way of thinking about hosting environments. Criminals whose motivation is big fat piles of cash will always find new ways through their security and into your account, ultimately uploading malware onto your website and infecting your customers.
Using a technique called virtualization, a virtual private server provides completely separate hosting environment for each and every user on a shared system. There is absolutely no potential for one user of the system to affect any other user on the system in any way. Because you are confined to your own private server environment, you are completely isolated from any malicious users of the system. The potential for a criminal hacker to purchase an account on the same web host as you and break through their system and into your account is completely removed.
Let’s talk a little more specifically about some of the possible threats.
When you install a web application, you will often be told you make some part of it “world-writable”. This is because in a normal shared hosting environment the web server is run as a special user that would not normally have write access to your files. In order to have your web application save its data, you need to give the web server access to write to some of your files, unfortunately in a shared hosting environment this often means giving every single user on the system access to write to your files. In a virtual server environment, the web server runs ‘as you’, this means the only person who needs to have write access to your files is you!
A related problem is that many modern web applications require access to a database. In order to gain access to your database, they will need to have access to your database password. The most common way of providing web applications with your password is by putting it in a file that is readable by the web server. In a shared hosting environment this often means putting your database password in a file that is readable by the special web server user, again if the web server user has read access to this file, so does anyone else. A skilled criminal hacker will know this and will be able to use the web server to view your database password. Once they have your database password they will be able to change the content of your website at will.
Because of the nature of a virtual private server, even if you do find that you have to make files world-readable or writable, there will still be no way for any other user on the system to view them because of the segmentation between user accounts – they have no access at all to any of your files, no matter what permissions you set on them. This is a powerful security wrapper around absolutely anything that you choose to put online. These are just a couple of examples of the many ways virtual private servers protect the security of your website against the new generation of online threats.
Virtual private servers offer greater flexibility and control
Because a virtual private server is like having your own real server, you can install whatever you like on it without risk of it interfering with other users on the system (or them interfering with you). This gives you the flexibility to install complex web applications, the libraries or languages they depend on and configure them exactly the way you require.
A virtual server offers you the flexibility and control you would get by having your own server, but frees you from having to worry about the core operating system and hardware requirements. The web host handles all of the nitty-gritty details of the operating system for you and presents you with a clean and stable version of UNIX which you can use to do whatever you like. Even if the web host changes hardware or upgrades their operating system, the environment you are provided with never changes – this makes the task of administering your website much easier as you don’t have to keep up with a constantly changing hosting environment every time your host updates their system.
Although the added flexibility of a virtual server is an option, you do not have to make use of it. You can use a virtual private server in the same way you would use a shared web hosting account and still benefit from all the security improvements without having to learn any new techniques or technologies. The option to do some really advanced stuff is available to you, but you do not have to make use of it in order to benefit greatly from having a virtual server.
How can a virtual server save me money?
If you are looking at the option of purchasing your own web server, a virtual private server can provide many of the security and flexibility benefits, but significantly reduce your costs. You will not have to learn the complex system administration tasks associated with UNIX or Windows servers, you will not have to purchase and maintain expensive hardware - you will not have to do anything beyond your core business. Concentrate your attention on making your website the best it can be using the tools a virtual server can provide, don’t waste time learning systems that fall well outside your business interests.
The busier your site gets, the more it will become a target for malicious hackers and the more you stand to lose if they succeed and manage to take over your website. A virtual private server can protect you without any additional effort on your behalf, combined with sensible security policies you can forget about the worries of hackers breaking into your site and start worrying about more important things. It’s impossible to measure the amount of money you could have saved by taking a few simple steps – it’s not a huge extra investment, but the protection afforded could be priceless.
But what about unlimited domains?A lot of web hosts bundle the ability to host many separate websites under one account as a feature of a virtual server. In truth the two are not directly related and you can offer one without the other. At Digital Crocus we offer unlimited separate websites under one account as a feature of all of our packages.
At Digital Crocus, all of our accounts are virtual private servers; we offer this feature by default on all accounts as we feel it is a valuable and essential service in the modern internet age. We believe that standard shared hosting should be banished to the 90s as we usher in the new age of secure-by-default web hosting.
