There was once a time when the world of web browsing was ruled by Netscape Navigator and Microsoft Internet Explorer. Those days are fast becoming ancient history thanks to the veritable smorgasboard of browsers out there catering to everyone’s habits
On the whole browsers are completely free and offer a similar experience in that they find web pages and deliver them as quickly as possible. In addition to the regular suspects of Mozilla Firefox, Google Chrome, Internet Explorer and Opera there are plenty of new browsers ready to bring new perspective including Torch, Tor, Web Freer and various others.
To find you the best browsing experience we’ve gone through the list with a fine tooth comb and picked out what we think are the five best free browsers for Windows PC users in the world right now.
There’s no such thing as “nothing to do” in a well-run IT department. There may be stretches of downtime when your staff isn’t occupied with high priority tasks, but making good use of that time might make the difference between a business that maintains and one that excels.
Here are three types of projects that will both keep your IT staff busy and help the company run better as a whole.
Maintaining your own personal computer is reasonably easy. Maintaining 50 or more computers, most used by people who wouldn’t know a backup from a backdoor, requires significant investment in time and wetware. If you’re not creating a new system or putting out a fire, now would be a good time to do the boring chores of IT.
Check each PC to make sure that they’re all updated. Do their operating systems have all of the proper security patches? Are the applications up-to-date? The antivirus software?
Run diagnostic tests on all of your hardware. See what PCs are running hot and will therefore need a cleaning. Use a hard drive diagnostic program to predict drive failures before they happen.
The fact that you back up regularly doesn’t guarantee that your backup is any good. Test your company-wide backup system by restoring random files and drive images (on a spare drive, of course).
In tech, there’s always something new to learn, whether it’s programming languages, hardware, or the latest BYOD devices. Set up seminars where your IT staff can learn and stay abreast of relevant developments in their field, including new technologies and the latest in malware and security threats, so they can be better able to protect the company.
If you have the budget, bring teachers in from outside. If not, assign employees to give presentations on their strengths. For instance, you might have your top Ruby on Rails coder discuss his or her tricks and techniques, giving the rest of the crew an insight into how to better use this language.
Another option: Allow IT employees to attend training classes or conferences offsite on company time, and if possible, on the company dime. That way, each individual can gain skills, network with peers, and ensure your company is up to par with your industry.
Bring the IT staff together for a brainstorming session on how best to improve the company’s systems and workflow. Work together to examine how your network and company databases are designed, and reference them against similar companies. Note the weaknesses and bottlenecks. Implore your entire staff to contribute suggestions or complaints and aggregate their feedback to attain a more holistic perspective of your network’s performance.
Then, ask your IT staff how the systems should be designed in an ideal world. Many of the ideas will be unworkable; others unaffordable. But even those ideas might help inspire a solution that can be done and will improve the company. A proactive, forward-thinking approach to IT is often the only way to protect your processes from obsolescence.
Keeping your IT staff working during slow times does more than keep them busy. It keeps up morale, improves productivity, and results in a better company.
A cyberespionage group with a toolset similar to ones used by U.S. intelligence agencies has infiltrated key institutions in countries including Iran and Russia, utilizing a startlingly advanced form of malware that is impossible to remove once it’s infected your PC.
Kaspersky Lab released a report Monday that said the tools were created by the “Equation” group, which it stopped short of linking to the U.S. National Security Agency.
The tools, exploits and malware used by the group—named after its penchant for encryption—have strong similarities with NSA techniques described in top-secret documents leaked in 2013.
Countries hit the most by Equation include Iran, Russia, Pakistan, Afghanistan, India and China. Targets in those countries included the military, telecommunications, embassies, government, research institutions and Islamic scholars, Kaspersky said.
Kaspersky’s most striking finding is Equation’s ability to infect the firmware of a hard drive, or the low-level code that acts as an interface between hardware and software.
The malware reprograms the hard drive’s firmware, creating hidden sectors on the drive that can only be accessed through a secret API (application programming interface). Once installed, the malware is impossible to remove: disk formatting and reinstalling the OS doesn’t affect it, and the hidden storage sector remains.
“Theoretically, we were aware of this possibility, but as far as I know this is the only case ever that we have seen of an attacker having such an incredibly advanced capability,” said Costin Raiu, director of Kaspersky Lab’s global research and analysis team, in a phone interview Monday.
Drives made by Seagate Technology, Western Digital Technologies, Hitachi, Samsung Electronics and Toshiba can be modified by two of Equation’s hard disk drive malware platforms, “Equationdrug” and “Grayfish.”
The report said Equation has knowledge of the drives that goes way beyond public documentation released by vendors.
Equation knows sets of unique ATA commands used by hard drive vendors to format their products. Most ATA commands are public, as they comprise a standard that ensures a hard drive is compatible with just about any kind of computer.
But there are undocumented ATA commands used by vendors for functions such as internal storage and error correction, Raiu said. “In essence, they are a closed operating system,” he said.
Obtaining such specific ATA codes would likely require access to that documentation, which could cost a lot of money, Raiu said.
The ability to reprogram the firmware of just one kind of drive would be “incredibly complex,” Raiu. Being able to do that for many kinds of drives from many brands is “close to impossible,” he said.
“To be honest, I don’t think there’s any other group in the world that has this capability,” Raiu said.
It appears Equation has been far, far ahead of the security industry. It’s almost impossible to detect this kind of tampering, Raiu said. Reflashing the drive, or replacing its firmware, is also not foolproof, since some types of modules in some types of firmware are persistent and can’t be reformatted, he said.
Given the high value of this exploitation technique, Equation very selectively deployed it.
“During our research, we’ve only identified a few victims who were targeted by this,” Kaspersky’s report said. “This indicates that it is probably only kept for the most valuable victims or for some very unusual circumstances.”
Another of Kaspersky’s intriguing findings is Fanny, a computer worm created in 2008 that was used against targets in the Middle East and Asia.
To infect computers, Fanny used two zero-day exploits—the term for a software attack that uses an unknown software vulnerability—that were also coded into Stuxnet, Kaspersky said. Stuxnet, also a Windows worm, was used to sabotage Iran’s uranium enrichment operations. It is thought to be a joint project between the U.S. and Israel.
It’s unlikely the use of the same zero-days was a coincidence. Kaspersky wrote that the similar use of the vulnerabilities means that the Equation group and the Stuxnet developers are “either the same or working closely together.”
“They are definitely connected,” Raiu said.
Both Stuxnet and Fanny were designed to penetrate “air-gapped” networks, or those isolated from the Internet, Kaspersky said.
Man in the middle
The Equation group also used “interdiction” techniques similar to those used by the NSA in order to deliver malicious software to targets.
Kaspersky described how some participants of a scientific conference held in Houston later received a CD-ROM of materials. The CD contained two zero-day exploits and a rarely-seen malware doorstop nicknamed “Doublefantasy.”
It is unknown how the CDs were tampered with or replaced. “We do not believe the conference organizers did this on purpose,” Kaspersky said. But such a combination of exploits and malware “don’t end up on a CD by accident,” it said.
The NSA’s Office of Tailored Access Operations (TAO) specializes in intercepting deliveries of new computer equipment, one of the most successful methods of tapping into computers, wrote Der Spiegel in December 2013, citing a top secret document.
The German publication was one of several that had access to tens of thousands of spy agency documents leaked by former NSA contractor Edward Snowden.
Kaspersky uncovered the trail of the Equation group after investigating a computer belonging to a research institute in the Middle East that appeared to be the Typhoid Mary for advanced malware.
Raiu said the machine had French, Russian and Spanish APT (advanced persistent threat) samples on it among others, showing it had been targeted by many groups. It also had a strange malicious driver, Raiu said, which upon investigation lead to the extensive command-and-control infrastructure used by Equation.
Kaspersky analysts found more than 300 domains connected with Equation, with the oldest one registered in 1996. Some of the domain name registrations were due to expire, so Kaspersky registered around 20 of them, Raiu said.
Most of the domain names aren’t used by Equation anymore, he said. But three are still active. The activity, however, doesn’t lend much of a clue as to what Equation is up to these days, as the group changed its tactics in late 2013.
“Those three [domains] are very interesting,” Raiu said. “We just don’t know what malware is being used.”
Ten years ago, monitors were nothing more than necessary accessories. Today, they can be luxury items that dramatically improve all aspects of computing and content consumption. There are so many types of monitors that suit so many different needs.
Screen resolution, response time, panel weight: everything should be considered when choosing a personal device or an enterprise fleet. Unfortunately, all of these specs can be confusing. We’ve compiled this roundup to help you sort through the abundance of options available.
There is a lot to like about Acer’s 27-inch 4K display. The S277HK ($699, £452, AU$892) offers uncompromised performance in an elegant package. Although rear port placement and cable clutter may prevent the S227HK from making the cut in a minimalist front office, its good looks will make Acer’s offering an excellent companion in many workspaces.
With a 60 Hz, 4ms refresh rate at maximum resolution, the S277HK is a versatile monitor that could be used for productivity and play. Picture-in-picture mode, side-by-side screen mode, and a bezel-less design give users plenty of multitasking options with a single-display setup or with multiple S277HKs.
The Viewsonic VP2772 ($1,019, £599, AUS$1096) is a 27-inch SuperClear IPS panel that boasts a 2560×1440 QHD resolution that covers 99% of the Adobe RGB color space. Viewsonic created the perfect monitor for working professionals in the creative space, for video editors, design professionals, and print departments.
The size of this monitor is perfect for those who want a bigger screen, comparable to the Apple Thunderbolt Display, but without paying a high price. The VP2772 weighs 19.84 lbs (9Kg) without its base, and its dimensions are: 25.3″ x 18.5″ x 13.7″ (64.26cm x 46.99cm x 34.80cm). Viewsonic put multiple ports into the VP2772 including a Dual-Link DVI port, an HDMI 1.4 port, a mini-DisplayPort, and four USB 3.0 ports.
Internet Explorer is getting major repairs, as Microsoft has issued 41 patches to fix memory vulnerabilities in its browser.
The Internet Explorer patches are part of the company’s routine monthly release of security and bug fixes for its software products, called “Patch Tuesday.” Microsoft Office and both the desktop and server editions of Windows are also getting fixes in this batch.
Three of the bulletins are marked as critical, meaning they fix vulnerabilities that could be exploited by malicious attackerswithout user intervention. System administrators should tend to critical vulnerabilities as quickly as possible. These bulletins cover Internet Explorer and both the server and desktop editions of Windows.
All three collections of critical patches will require a reboot of the machine to take effect.
The patches in the Internet Explorer critical bulletin, which affects all versions of the browser, address the way the browser handles objects in memory. Microsoft has addressed the issue of memory vulnerabilities in its ASLR (address space layout randomization) technology. The patches add permissions validations to ensure Internet Explorer uses ASLR correctly.
Of the 41 Internet Explorer vulnerabilities, only one has been publicly disclosed, but it can only be used in conjunction with other vulnerabilities.
This approach is not unusual, said Wolfgang Kandek, chief technology officer for the Qualys IT security firm. These days, many attackers deploy “blended attacks” that use multiple vulnerabilities in conjunction with one another to compromise a system.
The remaining six bulletins are marked as important, which means they address vulnerabilities that could be exploited by attackers usually by requiring the unwitting participation of the user, such as by tricking him or her into clicking on a specially crafted Web page.
Organizations using Microsoft Office should inspect the bulletins issued this month that touch upon that software, Kandek said. One vulnerability, covered in MS15-012, allows an attacker to gain control of a system merely by tricking the user into opening a document, such as an email, with malicious code embedded inside.
One of the more unusual patches, MS15-011, covers a vulnerability in Windows group policy, which is configuration management technology that Kandek has never seen Microsoft patch before. It only affects larger enterprises that use domain controllers to manage fleets of Windows machines.
n the wrong hands, this vulnerability could be used to take control of large numbers of Windows machines within an organization, Kandek said. MS15-011 shows that Microsoft is digging deeper into its own code base to look for potential security weaknesses.
Microsoft found that the fix would be “too disruptive” to apply to Windows 2003, Kandek said, especially given that the company will stop supporting this operating system shortly. It is a good reminder for those shops still running the nearly outdated OS to update soon.
Intel is stepping up its efforts to build custom chips for online giants like eBay and Facebook, giving them a boost in performance and, Intel hopes, another reason to keep buying its microprocessors.
The chipmaker is working with the big online firms to embed programmable chips, called FPGAs, in the same chip package alongside its Xeon server processors. Those FPGAs can be programmed to run unique algorithms that each online firm depends on to run its services.
“For the right application, we believe FPGAs can provide an order-of-magnitude improvement in performance” over standard Xeon chips alone, said Diane Bryant, senior vice president and general manager of Intel’s data center division.
It’s a shift from Intel’s strategy in the past. Until a few years ago, all its customers got basically the same general purpose processors. They could select different clock speeds, core counts and other features, but everyone got the same basic chip design.
The rise of online giants like Google, Facebook, Amazon and eBay has changed that. Those companies run a relatively small set of applications, but they do so on a massive scale — a single workload might run across tens of thousands of servers. They also have a lot of buying power.
That alters the economics of the chip business. If a customer is buying thousands of servers for a particular workload, it becomes viable for Intel to optimize a processor for that task. And customers will pay a bit more if it lets them squeeze out a bit more performance or consume less power.
Intel has built custom chips for customers before. Last year it delivered about 15 unique designs, including processors for Facebook and eBay. But they involved relatively minor changes, such as disabling cores and adding extra I/O ports.
Integrating an FPGA (field-programmable gate array) with its Xeon chips is a step further. And in some cases, Intel will hardwire the instructions for the algorithm directly onto the Xeon itself, Bryant said.
It’s a new way for Intel to deliver custom chips, and this year it expects to deliver more than 30 unique designs, Bryant said. She was due to make the announcement at Gigaom’s Structure conference in San Francisco Wednesday.
It’s a smart move by Intel, said analyst Nathan Brookwood of Insight64. It gives its largest customers less incentive to license a competing chip design, such as the ARM architecture, and optimize that to run their algorithms instead, he said. IBM has also opened its Power8 design, which Google has been testing.
There are two ways customers can use the FPGAs, Bryant said. In one case, the online service provider deploys a Xeon package with the FPGA and tests a workload to ensure it delivers the desired benefits. If it does, Intel will burn the instructions onto the Xeon itself and manufacture the part without the FPGA.
The other use case takes advantage of the fact that FPGAs can be reprogrammed in the field. The service provider buys servers with the dual-chip package inside, and programs the FPGA depending on the workload they need to optimize. If their needs change later, they can reprogram the chip again.
Using FPGAs to accelerate workloads isn’t new, but they’re usually discrete components on the motherboard linked to the processor via PCIe. Integrating them into the chip package with Intel’s QPI interconnect reduces latency and allows the FPGA to access the Xeon’s on-chip cache and its main memory, Bryant said.
That doubles the performance gain that can normally be derived from the FPGA, compared to using it as a discrete component, she said.
Bryant said a handful of cloud providers are testing the FPGAs, though she wouldn’t name them. She also wouldn’t say whose FPGAs Intel will use, though it has a manufacturing partnership with Altera, making it a likely candidate.
It plans to begin production of the Xeon-FPGA chip packages soon, she said. They’ll be socket-compatible with standard Xeons, meaning customers can use them in standard servers.
She pointed to two trends that are driving the need for custom chips: the rise of large-scale cloud applications running across huge pools of servers, and the move to a more flexible, software-defined infrastructure.
Applications are changing faster than new chips can be designed and brought to market, Bryant said. “This is a great way for the silicon to keep up with the pace of software innovation,” she said.
Originally Published on infoworld.com
Author: James Niccolai
In order to provide you with greater flexibility and more database options, cPanel added MariaDB 10.0 database support to cPanel & WHM version 11.48 in the first quarter of 2015.
MariaDB acts as a MySQL® replacement, and all interface and API function calls that refer to MySQL will work seamlessly with MariaDB, too.
Please note that if you upgrade to MariaDB 10.0, you cannot revert to MySQL. The system cannot safely perform downgrades, and it considers MariaDB to be an upgrade from MySQL.
Also, please note that some of the interfaces will still display MySQL after you install MariaDB. In future releases, they will update the user interface to explicitly reference MariaDB if you decide to upgrade to MariaDB.
SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol (over port 443) and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer and logins, and more recently is becoming the norm when securing browsing of social media sites. SSL Certificates bind together:
A domain name, server name or hostname.
An organizational identity (i.e. company name) and location.
An organization needs to install the SSL Certificate onto its web server to initiate secure sessions with browsers. Depending on the type of SSL Certificate applied for, the organization will need to go through differing levels of vetting. Once installed, it is possible to connect to the website over https://www.domain.com, as this tells the server to establish a secure connection with the browser. Once a secure connection is established, all web traffic between the web server and the web browser will be secure. Browsers tell visitors a website is SSL secure via several visible trust indicators:
Extended Validation (EV) SSL Certificates (such as GlobalSign ExtendedSSL):
Standard SSL Certificates (such as GlobalSign DomainSSL and OrganizationSSL) display:
To view the details of an SSL Certificate, go to a secure site, click on the padlock and select “View Certificate”. All browsers are slightly different, but the Certificate always contains the same information.
To view the actual contents of the Certificate click the “Details” tab:
Click the “Certificate Path” tab to see which Trusted Root Certificate has been used to issue the SSL Certificate:
Why is the Root Certificate important?
SSL Certificates need to be issued from a trusted Certificate Authority’s Root Certificate, and preferably by a 2048 bit Certificate that’s widely distributed. The Root Certificate must be present on the end user’s machine in order for the Certificate to be trusted. If it is not trusted the browser will present untrusted error messages to the end user. In the case of e-commerce, such error messages result in immediate lack of confidence in the website and organizations risk losing confidence and business from the majority of consumers.
Companies like GlobalSign are known as trusted Certificate Authorities. This is because browser and operating system vendors such as Microsoft, Mozilla, Opera, Blackberry, Java, etc., trust that GlobalSign is a legitimate Certificate Authority and that it can be relied on to issue trustworthy SSL Certificates. The more applications, devices and browsers the Certificate Authority embeds its Root into, the better “recognition” the SSL Certificate can provide.
GlobalSign has, for over 15 years, been operating the GlobalSign Ready program for Root Certificate embedding. This program ensures its in-house engineers from America, Europe and Asia are in constant communication with the application, device and browser vendors to ensure the GlobalSign Root Certificate is present everywhere that may be used for SSL sessions.
The GlobalSign Root Certificate is marked for a number of intended purposes. This makes it a very strong and flexible Root Certificate able to perform all Public Key Infrastructure (PKI) related activities:
Ensures the identity of a remote computer
Proves your identity to a remote computer
Ensures software came from software publisher
Protects software from alteration after publication
Protects e-mail messages
Allows data to be signed with the current time
Allows data on disk to be encrypted
Allows secure communication on the Internet
Permits all key usage policies
GlobalSign provides PKI applications, products and services for all the above security functions. Should your organization have a specific PKI rollout or project, do not hesitate to contact us.
Most types of hosting entail storing files and data on a server, an actual piece of hardware housed in a datacenter. On one end of the hosting spectrum, you have shared hosting, where your site lives on a server with thousands of other sites, and they all share resources.
On the other end, you have dedicated hosting, where your site is the only one housed on a single server, and all resources are dedicated to your site alone. Virtual private server (VPS) hosting falls in between those two extremes.
To fully understand what VPS hosting is and how it works, you must first understand what a virtual private server is. Broken down into sections, you have:
Virtual – Not physical, but in this case, created by or related to software.
Private – Restricted to your use alone.
Server – The location where files and data will be stored.
The private part is self-explanatory. But when you put virtual and server together, it should become clearer that rather than a physical server, a virtual server is a server-type environment created by software.
How Does VPS Hosting Work?
This software-created emulation allows a virtual server to exist within a physical server, giving you a private space among the other sites on that server. The virtual private server runs on its own operating system, separate from that upon which the physical server runs. This is also sometimes called partitioning.
So while technically, your site is still on a shared server, the virtual private environment gives you some of the benefits of a dedicated server. If shared hosting is like living in an apartment, then VPS hosting is like having an apartment building all to yourself. Other residents still occupy spaces throughout the complex, but you have more privacy, more space, and more resources reserved solely for your use. Your space has been partitioned from the rest of the larger space and its residents. VPS hosting can be the best of both worlds, depending on your site’s needs.
How to Set up VPS Hosting
First, you must decide whether VPS hosting is your ideal option. You must also choose whether you want or need managed or unmanaged hosting, as these options are often available with VPS hosting plans. Once those decisions are made, and you’ve found the hosting provider you want to use, setting up VPS hosting is simply a matter of signing up and paying in advance for whatever hosting period you choose, usually one year at a minimum.
Once your VPS hosting account is up and running, you’ll connect your domain to the account, and your site will be ready for you to install a content management system, or program it by hand, if you have that capability and desire.
How to Choose VPS Hosting
Aside from standard features offered with VPS hosting plans, your selection may simply come down to cost, particularly if you opt for managed hosting, which can add substantial costs, depending on the hosting provider you choose. Make sure you’re getting your money’s worth, but at the same time, you don’t want pay for features or resources you don’t really need.
VPS hosting may be a better choice than shared hosting if you plan to build a medium- to large-sized site, or you need to move an existing medium- to large-sized site to a new host. VPS hosting will give your site more storage space for more data, and will allow it to run more quickly and efficiently. This can be especially important for e-commerce sites, or any type of site that sees a high volume of traffic.
Very large enterprise-level sites will usually benefit from dedicated server hosting. Depending on the growth rate of your site, you may opt for that with the thought that your site will “grow into” the vast space and features dedicated hosting offers. However, be careful because it will not be cost-effective to spend more on dedicated hosting you don’t really need yet when you can use VPS hosting as an intermediate step.
Do your due diligence to ensure you understand what you need, know what you can afford, and are aware of what you’re getting. Also, make use of the hosting provider’s sales team to ask questions and gather information before making your choice.
VPS Hosting Benefits
Depending on the hosting provider, you may still get some of the affordability and cost-effectiveness of shared hosting, while also getting features more often available with dedicated hosting.
Some of the benefits of VPS hosting include, but aren’t limited to:
A higher level of security and privacy than that offered by shared hosting
The ability to reboot your virtual private server when necessary, without affecting other sites housed on the physical server
Maintained uptime should other sites on the virtual private server go down; unlike a shared server, their failure will not affect your site
The ability to access the server to upload and install software
The hosting provider performs all maintenance on the hardware
You can choose the operating system you want to use
The ability to host multiple sites on the same virtual private server
The ability to customize firewall configurations
Note: Although the hosting provider will maintain the hardware, you may need a dedicated system administrator to manage the server and ensure its consistent and efficient functioning.
For additional costs, you may also be able to add features such as more disk space, bandwidth, or RAM, if the hosting provider offers them as separate features. These additional features may also be available in the form of plan upgrades.
If your host offers more than one VPS hosting plan, be sure to choose the one that’s going to offer you the most benefit for your site as it currently exists, and as you anticipate your site to be in the near future, say, six months to a year. This gives you a little room to grow.
If you underestimate your site’s growth or needs, you can always upgrade to a higher hosting plan should it become necessary sooner than you anticipate.
VPS Hosting Limitations
Although you have your own virtual private space, because of the fact that your site is still housed on a shared physical server, and thousands of other sites are also hosted on that server, resources may still be limited to a certain degree.
A virtual private server may experience limited*:
disk space (storage)
Again, some of these limitations may be alleviated by paying for additions to your hosting account. In addition, some applications and software may not perform well – or run on your site at all – if they’re not compatible with virtualized environments. If you know ahead of time what programs, applications, and software you’ll need to install and run, double check with your hosting provider to ensure compatibility.
*It’s not uncommon for hosting providers to offer “unlimited” features – email accounts, disk space, bandwidth, etc. However, these features are only unlimited insofar as your usage does not put an unreasonable burden on shared resources, and you do not abuse these “unlimited” features.
One word of caution: Be wary of hosting providers that offer VPS hosting at roughly the same prices as shared hosting. While it’s still a cost-effective option, and not as expensive as dedicated server hosting, VPS hosting should still cost a bit more than shared hosting. Its pricing should fall somewhere between the costs of shared and dedicated hosting. If it doesn’t, the hosting provider may not offer enough features to make it worthwhile, or may be intentionally failing to disclose that lack of features. Always do your research when selecting a hosting provider.
If you’re ready to go beyond shared hosting, but maybe you’re not quite ready for the power and cost of dedicated server hosting, consider VPS hosting as an interim solution. Depending on the type of site you have, you may even find it’s the ideal option for your site now, and for the foreseeable future.
If you’ve ever lived in an apartment, you already have a basic idea of what shared hosting is and how it works. You have your own space within a larger area, just like your neighbors. You have access to utilities and amenities, but you do have to share some resources with the rest of the complex. It’s for these reasons, though, that shared hosting is one of the more cost-effective and affordable Web hosting options.
How Does Shared Hosting Work?
Shared hosting is very much like apartment living. When you select a shared hosting plan, your site will live on a server with hundreds, possibly thousands of other sites. It will share resources such as bandwidth. This can have negative effects such as decreasing page-load speed, and can also make your site a little more vulnerable to security issues.
However, because you’re sharing space, and don’t have resources dedicated just to your site, the cost of hosting is reduced. In addition, just as apartment complex management takes care of things like landscaping and the community pool, you don’t have to worry about any kind of hardware maintenance or repair. The hosting provider takes care of all that for you, and what you and your server neighbors pay for hosting also goes toward those shared maintenance costs.
A shared hosting plan will offer everyone who selects that plan a set of basic features. But many hosting providers will offer additional amenities if you’re willing to pay extra fees. To use the same analogy of apartment living, this is sort of like paying a bit more in rent to have an apartment with a fireplace or washer-dryer hookups.
Adding services and features to your shared hosting plan also means your site will be using more resources on that shared server. Conversely, if other residents on that server select additional services, then they’re using up more resources, which leaves fewer resources for you and your site.
Of course, differences like this may not be noticeable on smaller sites. However, if you put a large, e-commerce site that sees thousands of visits per day on a shared server, a few things happen.
Your Site May Use Too Many Resources
Basic sharing principles apply in shared hosting. When you’re sharing space and resources with other people, you must be considerate of others, and not use more than your fair share of bandwidth and storage space. If you do, the other sites on that server may begin to experience slower load times, and difficulties in functioning.
Your Site’s Performance May Suffer
Because a shared server is set up to house thousands of sites, and share resources on a roughly equal basis, your site may be denied the resources it needs to load quickly and perform efficiently. If you’re running an e-commerce site, this can affect your sales and revenue because the more difficult it is for your customers to use your site, the less likely they’ll be to stick around and spend money on your products and services.
You May be Required to Upgrade
If your site, either through sheer size or traffic volume, begins hogging shared hosting resources, and it starts having a negative effect on the other sites that share your server, the hosting provider may require that you upgrade your hosting plan to one that will better accommodate your large site.
If you choose shared hosting, keep an eye on your usage and your traffic so you can upgrade your account if and when it becomes necessary. This will help you avoid any site performance issues, and will keep your site running at optimal levels.
How to Set up Shared Hosting
The process for setting up a hosting account is pretty similar regardless of the type of hosting you choose. The first step is to find a host you like. This is often going to be a very subjective decision because what you may feel is important in a host may differ entirely from what other site publishers think. Every site and site owner has different needs.
Once you’ve found a host that offers the features you need at your desired price, you simply sign up, connect your domain name to your hosting account, and you can begin building your website.
How to Choose Shared Hosting
You’re probably familiar with some hosts, either through their advertising, or by word of mouth. You can also perform a few basic Internet searches for phrases such as “shared hosting,” “affordable shared hosting,” and the like, which can bring a few more shared hosting providers to your attention.
Most hosting providers will list their features in easy-to-use tables, allowing you to compare plans based on the features they include, and how much they cost.
Find the hosts that offer the features you need and want in their shared hosting plans, and narrow the field down to a few options. Once you’ve decided on a host, it’s simply a matter of signing up for their service, and paying the fee.
Hosting—shared or otherwise—is usually advertised at per-month rates, but requires that you pay for at least one year at a time, in full and in advance, so be prepared.
Shared Hosting Features
Knowing what you’ll get with your shared hosting plan is an important to be able to choose the right host. If you sign up and pay for hosting, and then find out afterward that you’re unable to perform some function you need, you may be able to get out of the contract, but not without some hassle. Some hosts do offer full money-back guarantees, but also place time limits on those guarantees, so make sure you know what you’re getting before you sign up.
Most hosting providers offer similar shared hosting packages with features including, but not limited to:
Web-based control panel system – This makes it easy to install scripts, set up domain-based email, and do much more with your site without having to be a programmer.
Multiple operating system options – Many hosts offer the ability to choose between Linux and Windows operating systems, as well as a few others.
Programming language support – Your shared hosting plan may automatically support programming languages such as PHP, Perl, etc.
Databases – A lot of software requires that your site have access to a database such as MySQL.
Support – As you have less access to the server where your site resides, you may need to depend on your host’s support for assistance in uploading and installing software.
Shared Hosting Limitations
You may have to make a few trade-offs in order to take advantage of lower-cost shared hosting. Some shared hosting plans may have limitations including, but not limited to:
Limited storage space – Remember the apartment analogy. You get a certain amount of space to store your data, although you may be able to upgrade for additional fees.
No access to the root – If you need to upload and install custom software, you need access to the root domain, and this may not be available to you with shared hosting.
Limited bandwidth – This may not be an issue if your site is small, but if it begins to outgrow your bandwidth, page load times can slow down, and cause issues for your users.
Limited number of email accounts – If, for some reason, you need numerous domain-based email accounts, check to see whether your shared hosting plan limits them. Some do, while others don’t.*
*It’s not uncommon for hosting providers to offer “unlimited” features—email accounts, disk space, bandwidth, etc. However, these features are only unlimited insofar as your usage does not put an unreasonable burden on shared resources, and you do not abuse these “unlimited” features.
Shared hosting is where many site publishers start due to its affordability, and because it doesn’t make sense to pay high hosting costs for features and resources your small site won’t use. However, if you’re looking for a new host for a large, existing site rather than building a new site from the ground up, shared hosting will probably not be your best option.