Web Hosting Talk

New Hosting Idea I've been thinking of, Very Hardened Hosting


tekiegreg
09-22-2010, 10:15 AM
Long story short, since weak passwords IME seem to be the major entry for hackers these days, I'm thinking I'd do away with them and set up a server that:

A) Regardless of operating system, requires more than a password for entry for anyone, SSH most likely or I'd investigate those dongle thingeys with random numbers.

B) Do away with web based admin outright (Hsphere, Cpanel, etc.) and work directly from either IIS or apache with the admins. I'll take requests from the end users on any special changes to their website. It may take longer and give my staff more work to do, but this kind of hosting would cost more anyways.

The appeal would be to people who have been or are very concerned about hackers on their site. I might even go so far to establish a "no-hack" guarantee with penalties if someone does get hacked.

This is just a rough of my thoughts, any comments?

15MSjustin
09-22-2010, 10:37 AM
With the right marketing, it can become a niche product which is focused on security. You would need to find those customers who require a managed security solution to make the product fly. I think the ‘average’ customer will prefer price over security. You should focus on customers that are subject to policies such as HIPAA or PCI DSS.

lockbull
09-22-2010, 06:39 PM
There are some providers already doing what you describe. Many of the mid to high end managed hosting providers require VPN authentication in order to use SSH or RDP, and they don't typically provision any sort of standard web hosting control panel. They aren't marketing these as "hardened" hosting per se, but that's just how they operate. One company I've recently read about--but have no direct experience with--that markets highly secure managed hosting is FireHost (http://www.firehost.com/). And as 15MSjustin said, the customers that would most likely be interested in such a service will also be those that likely require PCI or HIPAA compliance, so you'd need to be able to demonstrate compliance with those standards as well.

VinceB
09-22-2010, 07:34 PM
You might even make your assets more at risk to would be hackers. It would almost be presenting a challenge for them to hack you.

coduk
09-22-2010, 09:30 PM
You might even make your assets more at risk to would be hackers. It would almost be presenting a challenge for them to hack you.
That could be a good thing, they could have a board of failed hack attempts. OP has got to have a good team, and needs to find the right customers. I can't imagine this kind of service being cheap.

cartika-andrew
09-22-2010, 10:15 PM
Long story short, since weak passwords IME seem to be the major entry for hackers these days, I'm thinking I'd do away with them and set up a server that:

A) Regardless of operating system, requires more than a password for entry for anyone, SSH most likely or I'd investigate those dongle thingeys with random numbers.

B) Do away with web based admin outright (Hsphere, Cpanel, etc.) and work directly from either IIS or apache with the admins. I'll take requests from the end users on any special changes to their website. It may take longer and give my staff more work to do, but this kind of hosting would cost more anyways.

The appeal would be to people who have been or are very concerned about hackers on their site. I might even go so far to establish a "no-hack" guarantee with penalties if someone does get hacked.

This is just a rough of my thoughts, any comments?

What you are really talking about is simply a premium hosting service. Control panels though have very little to do with vulnerabilities - unless the control panel itself is flawed I guess (likely more of an issue with something like cPanel - where CP service runs on the same server as the clients data and services).

The reason I am commenting here, is because this is the type of business we have always run, and has always been our niche.

What we did was run hsphere - so, the control panel is not located on the same server. Each service runs on its own specialized role - and we produced our own hsphere packages and security rules so that we were always up to date and not reliant on a particular vendor. We then moved forward with things like CloudLinux (which is separating users into virtual containers, preventing compromises from spreading amongst shared users) - as well as items like KSplice which keeps kernels up to date automatically and without reboots, etc, etc, etc..

Other security protocols include not allowing client SSH access in shared environments - and in dedicated/VPS/Cloud environments - requiring the end users who require SSH/RD access to have dedicated IPs and/or use our VPN service, etc...

one thing worth mentioning though - you can NEVER, EVER do this..

I might even go so far to establish a "no-hack" guarantee with penalties if someone does get hacked.

a few problems here... 1) most compromises and site injections come from either an end user directly (ie compromised PC), or from bad coding the end user is running - and this coding may have been good 2 months ago, then a new hole is found, and whammo - user's script gets injected - nothing you could do, except keep your firewall rules so tight, that nothing executes - might as well just shut down port 80. 2) OS system exploits - ie the recent CVE-2010-3081 Linux kernel exploit - where nothing you could do could stop a root level exploit on a typical shared server if hackers found you (until the server was patched - which of course, no patch was available for a while).

Sorry to ramble here, but, I wanted to give you some insight on this model - it is a VERY good and VERY strong model - I recommend it for all providers starting up now - because quality always sells - it may be slower to start, but, your churn rate drops to next to nothing, and your margins are healthier, and typically, you get a higher quality type of customer..

But, be careful - do not bury yourself in non-scalable, admin types of tasks. doing everything manually will bury you before you can really get started. plus, customers - even the security conscious ones - want some sort of GUI. We chose Hsphere back in the day, and are currently building our own solution to meet this requirement. But, try to pick solutions where the CP is separated from clients services - and spend some time learning the control panels and how to secure them. We have NEVER had an exploit to customer sites or to customer servers from the control panel - this is certainly not only possible, but, not overly difficult either...

hope this helps..

NoSupportLinuxHostin
09-24-2010, 01:45 PM
The appeal would be to people who have been or are very concerned about hackers on their site. I might even go so far to establish a "no-hack" guarantee with penalties if someone does get hacked.

If you did offer money back in the event of a hack, you would want to cover yourself with some extra language in your terms of service. Some website hacks are the result of poor end user client side security, not the result of server side security issues.

The most common hack we have seen in recent years has been one where malware on the client's PC sends the FTP login details to the hacker. Then the hacker simply uses those FTP login details to edit the user's website. No amount of server hardening will stop that, unless you deny FTP access to the user.

The problem I am describing can be solved by end users scanning their systems with an anti-malware tool like MalwareBytes. Also, if users don't store FTP login details in their FTP client software, then the malware won't be able to read those login details from the client's registry or config files.

Using sFTP won't help. The end user's FTP details get stolen from the config on the end user's computer. The hacker is not sniffing packets in this case. The hacker is simply reading the registry or config files to look up the FTP login details that were stored in the end user's favorite FTP client software.
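
An added example, not part of the post above: since stolen-but-valid FTP credentials pass every server-side login check, one place left to catch them is the transfer log, by flagging uploads from an address the account has never used before. The vsftpd-style log lines, the account names and the function names are constructed for illustration; adjust the regex to your FTP daemon's actual log format.

```python
import re
from collections import defaultdict

# Constructed vsftpd-style log lines; addresses are documentation ranges.
BASELINE_LOG = '''\
Mon Sep 20 09:01:11 2010 [pid 4101] [alice] OK LOGIN: Client "198.51.100.7"
Mon Sep 20 09:02:40 2010 [pid 4103] [alice] OK UPLOAD: Client "198.51.100.7", "/public_html/about.html", 2048 bytes, 10.10Kbyte/sec
Tue Sep 21 14:30:02 2010 [pid 5220] [bob] OK LOGIN: Client "192.0.2.44"
'''
TODAY_LOG = '''\
Thu Sep 23 03:12:55 2010 [pid 6310] [alice] OK LOGIN: Client "203.0.113.99"
Thu Sep 23 03:13:01 2010 [pid 6312] [alice] OK UPLOAD: Client "203.0.113.99", "/public_html/index.php", 5120 bytes, 40.00Kbyte/sec
Thu Sep 23 09:40:17 2010 [pid 7001] [alice] OK UPLOAD: Client "198.51.100.7", "/public_html/news.html", 900 bytes, 8.00Kbyte/sec
Thu Sep 23 10:05:33 2010 [pid 7040] [bob] FAIL LOGIN: Client "203.0.113.99"
'''

# Only successful logins and uploads are of interest here.
EVENT = re.compile(
    r'\[(?P<user>[^\]]+)\] OK (?P<op>LOGIN|UPLOAD): '
    r'Client "(?P<ip>[^"]+)"(?:, "(?P<path>[^"]+)")?'
)

def events(log_text):
    """Yield (user, op, ip, path) for each successful login or upload."""
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if m:
            yield m["user"], m["op"], m["ip"], m["path"]

def build_baseline(log_text):
    """Map each account to the set of addresses it has used before."""
    known = defaultdict(set)
    for user, _op, ip, _path in events(log_text):
        known[user].add(ip)
    return known

def unfamiliar_uploads(log_text, known):
    """Uploads made with valid credentials from an address new to that account."""
    return [(user, ip, path) for user, op, ip, path in events(log_text)
            if op == "UPLOAD" and ip not in known.get(user, set())]

if __name__ == "__main__":
    for alert in unfamiliar_uploads(TODAY_LOG, build_baseline(BASELINE_LOG)):
        print("review:", alert)
```

An alert here is a prompt to contact the customer and rotate the credential, not proof of compromise; travelling users and dynamic addresses produce the same signal.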

thetiamat
10-13-2010, 04:20 PM
there is no such thing as "hack proof". Even companies like Microsoft, Google and Facebook suffered from hackers.

If you want to offer your customers good security a good idea would be offering DDOS protection and daily remote backups.

Skream
10-13-2010, 05:15 PM
I'd investigate those dongle thingeys with random numbers.


After that, I'd never buy hosting from you, especially if you were claiming to run a security based hosting company. First of all, let me point out, there is no 'hack-proof' webhosting provider. Being online makes you a potential target, every day there is dev of new exploits for different things. It really depends on what kind of service you run to be honest.


I might even go so far to establish a "no-hack" guarantee with penalties if someone does get hacked.

You don't even seem too sure of being able to protect your clients 100%, so why market it? Honestly, this idea is rubbish. Marketing this would leave you in the ditch as I would like to say, if you start putting "Hack Proof 100%" and someone does get hacked. This could potentially lead to a lawsuit. I'd be very cautious of doing something like this. It may make you even bigger of a target for hackers, who want to mess with you a little? Push your buttons.



You might even make your assets more at risk to would be hackers. It would almost be presenting a challenge for them to hack you.


@VinceB,

The way you said it. Beautiful.

Mr Grabit
10-13-2010, 05:27 PM
As far as advertising I wouldn't pitch the "Hack free or your money back guarantee". I am willing to bet a majority of the people cannot afford the option to have their website hacked. If you think about it giving them a refund of $30 would almost be insulting after they just lost 1,000s of dollars. So I would more so pitch the "Getting hacked is not an option" or something along those lines.

fertubuy
11-05-2010, 04:18 PM
I think the ‘average’ customer will prefer price over security.

AS-Richard
11-18-2010, 10:46 AM
I agree with Justin, this seems more like a niche market. With that said, I'm sure you will find a customer for it. :)

Ramprage
11-18-2010, 10:52 AM
Some providers are already offering this, such as FireHost.

Before launching something like this I'd expect you'd have certified staff, enterprise grade hardware, network redundancy and good legal counsel :)

Skream
11-21-2010, 02:25 PM
Some providers are already offering this, such as FireHost.

Before launching something like this I'd expect you'd have certified staff, enterprise grade hardware, network redundancy and good legal counsel :)

I second this. ;)

johntels
12-03-2010, 07:55 AM
I agree with Justin, what he said is quite correct.

vpsville
01-01-2011, 06:44 AM
Long story short, since weak passwords IME seem to be the major entry for hackers these days, I'm thinking I'd do away with them and set up a server that:


Er no, the major entry of hackers is insecure websites, with bad programming and/or incorrect permissions on files/directories. NOT guessed passwords.

It's very easy to set good passwords with a password policy, but once your user uploads their own php files, they are taking security into their own hands.

CoderJosh
01-05-2011, 06:35 AM
Yes, weak passwords as a risk seem to be overrated. It's more likely that your site or server gets hacked because of insecure web applications or because of malware running on your local computer (keyloggers and such) used to grab your login credentials.

sourceworx
01-06-2011, 11:22 AM
A couple tips for OP if they decide to go through with this, having been the other side of the fence as a teenager. This is possible, with due diligence. But if you miss a detail, you're totally screwed - it takes only one link to break for the chain to fall apart.

- DO NOT use FTP. It's horrendously insecure and always has been. Encourage SCP + public/private keys. AWS does this iirc. This protects against keyloggers and even if you did get infected, just revoke the public key and issue a new one once the box is clean.

- Allow only connections to your boxes via VPN (I think this was mentioned already). Use key based auth.

- Set up port knocking -- http://en.wikipedia.org/wiki/Port_knocking

- Set up Snort or similar. Set up database logging and realtime alerts. Keep it updated as often as possible, if you go with Snort then go premium. Half of the time you can catch break-ins before they happen.

- Chroot jails for apache, php, fastcgi etc.

- Run each service - Apache, FastCGI for PHP/Perl/etc, MySQL, on different servers. As in, different physical boxes. Hypervisors aren't impenetrable, as geohot proved with the PS3.

- Use ACL's - as in, only allow logins from one IP. Or use time-based unlocking for file transfers/SSH. (We do this, and nobody even bothers trying any more.)

- For .NET it's a bit more tricky, but possible. Look into emulating the above steps on Windows.

- Require your users to update their CMSes regularly and impose penalties if they don't -- eg a warning system. This is "hardened hosting" after all and it takes the cooperation of everyone.

- Penetration test their code before allowing it to run publicly.

- Keep an eye on Bugtraq/0dd mailing lists, sites like milw0rm, and appropriate IRC channels.

- Require ID for accountability.

There are many more things you can do, this is just scratching the surface. It's all about making sure you know what is happening on your boxes at all times, careful planning and cooperation from your customers.
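
An added example, not part of the post above: a small audit of an `sshd_config` for two items from the list, key-based auth and logins tied to a source address. The sample configurations, account names and function names are constructed; it reads only the global section (it stops at the first `Match` block) and deliberately treats an unset keyword as a finding, so a hardened config has to state its settings explicitly.

```python
import re

# Constructed sample configurations (addresses from documentation ranges).
WEAK = """
PermitRootLogin yes
PasswordAuthentication yes
PasswordAuthentication no    # ignored: sshd uses the first value it reads
AllowUsers alice
"""
HARDENED = """
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
AllowUsers alice@198.51.100.7 deploy@10.8.0.*
"""

def parse_global(text):
    """Return (first-wins settings, AllowUsers patterns) from the global section."""
    settings, allow = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()                    # keywords are case-insensitive
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":                        # conditional overrides: out of scope
            break
        if key == "allowusers":                   # AllowUsers lines accumulate
            allow.extend(value.split())
        else:
            settings.setdefault(key, value.lower())   # first value wins
    return settings, allow

def audit(text):
    """List deviations from key-only, source-restricted SSH access."""
    settings, allow = parse_global(text)
    findings = []
    if settings.get("passwordauthentication") != "no":
        findings.append("PasswordAuthentication is not explicitly 'no'")
    # PubkeyAuthentication defaults to yes in OpenSSH, so absence is accepted.
    if settings.get("pubkeyauthentication", "yes") != "yes":
        findings.append("PubkeyAuthentication is disabled")
    if settings.get("permitrootlogin") != "no":
        findings.append("PermitRootLogin is not explicitly 'no'")
    if not allow:
        findings.append("no AllowUsers list: any account may attempt login")
    for pattern in allow:
        _user, sep, host = pattern.partition("@")
        if not sep or host in ("", "*"):
            findings.append(f"AllowUsers '{pattern}' is not tied to a source address")
    return findings

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit(cfg) or "ok")
```

On a live host, compare the result with the effective configuration printed by `sshd -T`, which also resolves included files and `Match` blocks.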

mugo
01-09-2011, 03:37 AM
You could incorporate port knocking for all non-public access.

che09
01-10-2011, 06:41 PM
Long story short, since weak passwords IME seem to be the major entry for hackers these days, I'm thinking I'd do away with them and set up a server that:

A) Regardless of operating system, requires more than a password for entry for anyone, SSH most likely or I'd investigate those dongle thingeys with random numbers.

B) Do away with web based admin outright (Hsphere, Cpanel, etc.) and work directly from either IIS or apache with the admins. I'll take requests from the end users on any special changes to their website. It may take longer and give my staff more work to do, but this kind of hosting would cost more anyways.

The appeal would be to people who have been or are very concerned about hackers on their site. I might even go so far to establish a "no-hack" guarantee with penalties if someone does get hacked.

This is just a rough of my thoughts, any comments?



This would be a great idea! It somewhat slipped my mind, though I would be honest.. It will be hard to start! ;)

there is no such thing as "hack proof". Even companies like Microsoft, Google and Facebook suffered from hackers.

Exactly, if this idea would be successful, then he'll be the 1st to do this!



You might even make your assets more at risk to would be hackers. It would almost be presenting a challenge for them to hack you.

This is the most exciting part there, if 'hackers' would accept this!! :)

ninkynonk
01-11-2011, 01:39 AM
DDoS protection
extra captchas in logins or passphrases
Extra strong password reqs.
USB dongles/keys might not work well... someone can upload a torrent with a buncha clients logins if they get a hold of it.

AvailHosting-Jeff
02-03-2011, 12:41 AM
Long story short, since weak passwords IME seem to be the major entry for hackers these days, I'm thinking I'd do away with them and set up a server that:

A) Regardless of operating system, requires more than a password for entry for anyone, SSH most likely or I'd investigate those dongle thingeys with random numbers.

B) Do away with web based admin outright (Hsphere, Cpanel, etc.) and work directly from either IIS or apache with the admins. I'll take requests from the end users on any special changes to their website. It may take longer and give my staff more work to do, but this kind of hosting would cost more anyways.

The appeal would be to people who have been or are very concerned about hackers on their site. I might even go so far to establish a "no-hack" guarantee with penalties if someone does get hacked.

This is just a rough of my thoughts, any comments?

I think you'll find that most organizations that have a need for truly above and beyond security have an IT budget in the $X,XXX,XXX+ range. Your average hosting consumer obviously wants security, but not at a major sacrifice of functionality. I don't think this business model at the price range you've implied will work out well.

BarackObama
02-11-2011, 08:30 AM
When you raise the security it tends to affect the flexibility of what softwares users can install. You would have a tough time going through the list of vulnerabilities when customers request different kinds of php software to be installed on their site. IMO, it would be tough to manually update most of the php softwares out there without some kind of control panel.

Brian_R
02-11-2011, 06:38 PM
Have a look at standards like PCI DSS - www.pcisecuritystandards.org. Although the specs are designed specifically to protect credit card data rather than general security, it gives you a good idea of the sorts of things that need to be done to run a truly secure operation.

Sourceworx's list is a good start but there's more:

- vulnerability scans
- centralised and secure log collection
- actually reviewing the logs - every day
- reviewing the outputs of the IDS

Lots of organisations who do this sort of hosting end up outsourcing the security monitoring aspects as it is very specialised, onerous and expensive on a small scale, and (in my view) best left to those who can do it at large scale. Rackspace and Peer 1 for example both outsource their monitoring in this way.

Have a google for PCI compliant hosting, making sure it includes all the monitoring above. It's a growing market.

Dsrv
02-11-2011, 06:40 PM
It is good, however, if you put that guarantee there, you will find most hackers trying to hack you lol, just attracting trouble.