Results 1 to 10 of 10
  1. #1
    Join Date
    Sep 2006
    Posts
    96

    Shared Plans and ECommerce?

    I am looking at a medium shared plan, at Hostgator, to run a small co. ECommerce site. They are a local concern and I do not see heavy traffic for the site. The issue I have data security for the files and the data on mySql. Do the better hosts lock down their systems from most persistent attacks?

    I guess I need to know if major security issues would require me to move to a VPS or dedicated option? They cost more and I do not see that the traffic would justify the expense.
    Computer: A machine that can make the wrong decision faster that you!

  2. #2
    Join Date
    Nov 2005
    Location
    Boston
    Posts
    817
    I woud say that a good shared hosting provider normally considers security a priority, and mysql can be locked down pretty good. A VPS option would give you more flexibility in what you want but unless you have someone who knows security locking down a vps can be a chore.
    Dimension Servers / Toll-Free: 1-888-750-6942
    RapidSSL Cert Included with ALL Reseller & Ultra Accounts
    24x7x365 Unbeatable Technical Support!
    Shared CPanel Hosting // Reseller WHM Hosting Solutions

  3. #3
    Join Date
    Mar 2003
    Location
    New York City
    Posts
    7,406
    Hi,

    Most hosting companies are ecommerce friendly and if you're not processing credit cards directly through your own merchant account, any shared hosts should be fine as long as theres no confidential information stored such as "Credit Card Numbers" and so on.

    If you wish to process CC Directly you'll need to contact your host and have SSL Installed and so on.

    Good luck
    █• Taskade - To-Do List & Tasks All-in-One To-Do List & Mind Map App for Remote Teams
    █• Simple and shareable to-do lists for web, mobile, and desktop
    █• To-Do List Templates 300+ shareable templates and productivity workflows
    █• Get things done, faster and smarter! I eat penguins for breakfast ...

  4. #4
    Join Date
    Sep 2006
    Posts
    96
    I will plan to process CC ansd use SSL, also my shop encrypts the information.

    The mySql issue it access to customer name + other info stored on the database.
    Computer: A machine that can make the wrong decision faster that you!

  5. #5
    Very seldomly are quality hosting providers servers hacked. If you go with a reliable provider you should be fine

  6. #6
    Quote Originally Posted by dm_fw
    I guess I need to know if major security issues would require me to move to a VPS or dedicated option? They cost more and I do not see that the traffic would justify the expense.
    You can go with VPS or a dedicated server
    However, it will be worse if you don't know how to secure your box.
    PremiumReseller.com Hyper-V SSD VPS USA London Singapore
    Reseller Hosting Cpanel PURE SSD CloudLinux Softaculous
    Windows Reseller Asp.NET 4.5 MSSQL SmarterMail Enterprise

  7. #7
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,849
    Of course if your server's not managed properly then you're at risk whether it's shared or dedicated.

    Given equal quality of management, the additional risk with a shared account is that the bad guys can be one step closer to you by getting access to another account on the same server - either by signing up for an account or getting into one of your neighbours accounts through an insecure script.

    Personally I recommend a fully managed VPS as the minimum spec for handling credit card numbers. Your merchant provider may also have specific requirements.
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  8. #8
    Quote Originally Posted by foobic
    Personally I recommend a fully managed VPS as the minimum spec for handling credit card numbers. Your merchant provider may also have specific requirements.
    This is very true and applies even if you aren't storing the credit card numbers. A professionally managed dedicated or VPS is a must. Unless you have experience, please don't try and manage it yourself. Also make sure you follow the credit card co's guidelines for dealing with cards, or they can and will fine you.

  9. #9
    Join Date
    Aug 2004
    Location
    Orlando
    Posts
    1,280
    If you store credit card numbers, be sure to encrypt them. There is a lot of good information for how to do this in the Technical and Security Issues forum.
    eVerity.com
    Celebrating 9 years of customer service. Domain names, shared/semi-dedicated/dedicated hosting, SSL certificates, merchant accounts, reseller options, and referral program, since July 2000.

  10. #10
    Quote Originally Posted by dm_fw
    I am looking at a medium shared plan, at Hostgator, to run a small co. ECommerce site. They are a local concern and I do not see heavy traffic for the site. The issue I have data security for the files and the data on mySql. Do the better hosts lock down their systems from most persistent attacks?

    I guess I need to know if major security issues would require me to move to a VPS or dedicated option? They cost more and I do not see that the traffic would justify the expense.
    the mysql with proper length password is secure. ftp login as well.
    for more security, put ur page in https. if they run the attack, will b harded.

    place more prevention at the webpage coding part. lockout. prevention. ip blocking etc.

    for vps or dedicated server, you hav to take care of the security issue.
    there will be like starting from scratch.

    i even seen some website running the sms code verification for login.
    you need to login, firstly request a sms key. sorry if this is out of topic. but that the thing can go to. even outside of web server.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •