9 Shared Hosting Security Best Practices

Shared hosting plans are so attractively affordable (ours 3-year plan starts at £1.99 per month!), that there has to be a catch. Right? How could anything that costs so little possibly be any good?

That’s what people are thinking when they tell you to avoid shared hosting, and, to tell you the truth, that advice is often sound. You should avoid shared hosting if you don’t trust your web hosting provider, because whatever security problems they’re having with their dedicated and VPS hosting plans will be magnified if you choose their shared hosting plan.

And that’s because of how shared hosting works:

What is shared hosting?

You probably already know that every website is stored on a server.

Because servers are expensive, most people don’t have their own servers. Instead, they use the servers provided by a web hosting company.

Web hosting companies let you store your website on their servers for a much lower price than you’d have spent if you tried to buy and maintain your own server.

With shared hosting, one server can host multiple websites, and all the websites on that server will share the server’s resources. That’s why we can offer shared hosting to you for such a low price: You’re sharing the cost with other website owners.

Is shared hosting insecure?

Shared hosting isn’t itself insecure. It’s a perfectly valid way to choose to store your website, especially if you’re a beginner or your web hosting budget isn’t that big. But if your web host doesn’t do enough to keep its servers secure, shared hosting is a particularly dangerous option, because all the websites on a shared server use the same resources.

The best web hosts will take special steps to keep their shared servers secure, so that you don’t have to sacrifice security just because you’re paying a lower price.

Here are some features you can look for to make sure your web host is protecting your shared hosting security:

9 shared hosting security best practices to look for in a web host:

9 Shared Hosting Security Best Practices 4

1. High uptime

A web host that guarantees high uptime is also likely to be a web host that cares about server security. To illustrate, the reason we are able to guarantee 99.9% uptime is that we’re constantly keeping track of our servers. We monitor our server software and hardware, and we replace equipment before it has a chance to get damaged.

This means our clients enjoy safer servers.

2. Frequent backups

If something does go wrong with your website, you’ll rest a lot easier knowing your website is backed up somewhere safe. Choose a hosting provider that offers frequent backups.

3. DDoS attack prevention

A DDoS (Distributed Denial-of-Service) attack is a kind of cyberattack in which a malicious person floods your server with traffic, which sucks up server resources and stops precious resources from getting to your website. This, naturally, creates downtime.

This is a particular vulnerability of shared servers, because websites are already sharing server resources (which means resources are limited to begin with) and because if even one website on the server is attacked, this can affect the other websites on the server.

That’s why it’s so important to look for a web host that offers DDoS attack prevention tools that can spot the beginning of a DDoS attack and take steps to prevent it.

4. SSL certificates

9 Shared Hosting Security Best Practices 5

An SSL certificate encrypts your data so that even if hackers do get their hands on your data, they won’t be able to interpret it. SSL certificates are so crucial to website security that you’re not even allowed to collect credit card information online if you don’t have an SSL certificate.

Even your search engine ranking is affected by whether or not you have an SSL certificate.

Choose a web host that uses an SSL certificate on their own website. Also, make sure your host offers SSL certificates for your website and that all their hosting plans (even their cheapest shared hosting plans) are compatible with SSL certificates. (You’d be surprised how many web hosts offer “free” plans that turn out to be incompatible with SSL certificates.)

Once you have your SSL certificate, be sure it’s properly installed, so you can protect your website.

5. Malware scanning and an antivirus

Malware is maliciously created software. Malware can do a host of unpleasant things to your website, including changing your site’s appearance and redirecting your users to untrustworthy websites. When your website is infected with malware, your reputation suffers, and, if you run an eCommerce website or rely on your website for revenue, your profits suffer, too.

To secure your website against malware, you need to choose a hosting provider that offers regular malware scans and a robust antivirus that can protect against the most common tools hackers use to weaken your website.

6. Firewalls

A firewall is a piece of software that prescribes certain rules for which traffic it’s going to allow and which traffic it’s going to block. A properly configured firewall works wonders to protect the security of your website. Firewalls are especially great because if a hacker even tries to look for a weak spot, the hacker is instantly blacklisted!

So, firewalls are a great sign that a web hosting provider cares about the security of their servers (and your website).

7. Domain name privacy

Good web hosts offer WHOIS domain name privacy, so that hackers won’t be able to get their hands on your private contact information just by searching the public registry of domain names. Choose a web host that offers this protection.

8. Website, network and server monitoring

A web host that monitors the security of your website, their networks and their server, is definitely a web host that cares about protecting the security of your website.

Good web hosts will check for unusual traffic that might signal a DDoS attack and will monitor their servers 24/7 for performance issues. If they detect that anything’s wrong, they’ll also act quickly to fix it. In fact, we react so quickly to the slightest sign that anything might be wrong that most of the time, you won’t even notice that anything was wrong in the first place!

9. Great customer support

Choose a web host with great customer support, so that if you notice that there’s something suspicious going on with your website, you’ll be able to communicate your problem to a customer support agent who can help you. We offer 24/7 customer support, so our customers can let us know as soon as something goes wrong, no matter what time of day it is!

Wrapping up

Shared hosting gets a bad rap for being the least safe web hosting option. While it’s true that VPS hosting and dedicated hosting are definitely more secure hosting options, this doesn’t necessarily mean that shared hosting is insecure.

If you follow our hosting security tips and choose a web hosting provider that values hosting security as much as you do, you can enjoy the low price of shared hosting and the peace of mind that comes with knowing your website is secure.