Does your web host have a responsibility to secure your website, or is their job limited to providing you with the hosting space and bandwidth? There’s no consensus on the answer. Some hosts are basic web hosting with no frills. Others – like NameHero – take security very seriously. We institute a host of protections that keep NameHero clients safe. But is it really the web hosts’ job?
Add-ons vs In-built Security
One way to solve this problem is to provide the option for additional security features as an add-on to the existing web hosting platform. A great example of this is backups. Personally, I feel that no web hosting is complete without a robust backup solution. NameHero has sophisticated backup mechanisms that are both automated, and still allow for manual snapshots.
But a lot of cheap web hosts don’t have this feature. Instead, they offer add-ons that cover this functionality. Many of them have tie-ups with solutions like CodeGuard. NameHero itself offers an add-on for DropMySite for additional security. So the add-on approach takes an à la carte approach. You pay extra for what you want.
Backups, however, are a bit different from security. One can argue that basic security is more urgent. It’s like someone renting you a storage container, and then not giving you a lock and a key with which to protect it! I feel that every web host should have a certain level of security. Just how much is of course the differentiator.
NameHero Security Has Multiple Facets
Security at NameHero works on three levels:
- Automated traffic monitoring
- File and folder scanning
- Patch management
Taken together, this 3-pronged approach is a comprehensive in-built solution for NameHero customers. While you can always invest in additional security options, the need is less urgent when your web host – in this case, NameHero – is already looking out for you and doing its best to keep bad actors at bay.
So what do these three approaches mean?
1. Self-Learning Firewall or WAF
A Web Application Firewall or WAF is a kind of firewall that you don’t need to specifically configure. With a normal firewall, you have to tell it what to look out for, what IPs to block, and what kinds of threats to watch out for. A WAF on the other hand is managed by the service provider and makes use of AI-driven technology to identify new threats. It’s monitored and updated daily.
WAFs are expensive! As an example, Cloudflare’s “Pro” plan includes a WAF and it starts at $20/m. NameHero security includes a WAF. And you don’t need an add-on to be protected!
2. File and Folder Scanning
NameHero’s real-time file scanning technology goes over each of your files with a fine-toothed comb looking for malicious code. Even when you migrate into a NameHero server from another web host, it checks to see if there’s anything suspicious going on. If it detects a threat, it takes steps to isolate those files before they can do (or continue to do) damage.
This kind of real-time scanning is something that other web hosts either don’t offer at all or only offer through a paid add-on.
3. File Patching Without Updating Software
Ideally, of course, you should always have the latest software updates. Unfortunately, this isn’t always feasible. You might have software that doesn’t work well with the new patch, for example. NameHero’s security system recognizes this, and patches files that would have gotten updated for well-known open-source software like WordPress. Only the security patches – nothing else! So your website won’t break because of it.
Taken together, these three prongs go a long way towards keeping your website safe. Not every web host offers security. But when it’s there, it sure helps you sleep easy!
I’m a NameHero team member, and an expert on WordPress and web hosting. I’ve been in this industry since 2008. I’ve also developed apps on Android and have written extensive tutorials on managing Linux servers. You can contact me on my website WP-Tweaks.com!