5 Web Hosting Questions
As with any business contract, it is important to ask questions that clarify the services being offered, who is responsible for various aspects of the operation and what measures are in place in case the “worst” happens. However, many people fail to ask even basic questions regarding the terms of their Web Hosting Provider, which could leave their website vulnerable to external and internal security threats.
Here are five questions you need to ask your Web Hosting Provider before your site goes live to maximize security, minimize downtime and maintain control over your content.
Do you automatically install security updates?
The major players in website hosting are working around the clock to identify and fix security vulnerabilities, and whenever they find a hole, they fix it with a patch. This is great if your web hosting provider installs those updates automatically. However, if they don’t, then your website is doubly at risk.
The first risk, of course, is people who maliciously exploit that vulnerability, usually as a phishing scheme or “scareware” (a form of digital vandalism).
The second risk comes when a company like WordPress, Joomla or Drupal identifies and patches a vulnerability, which is usually followed by a very public announcement indicating that a major security problem has been solved. If your Web Hosting Provider hasn’t automatically installed the patch, then your site is just as vulnerable as it was before.
The difference is that now there is a spotlight on the vulnerability and a roadmap for hackers who want to exploit it.
Do you provide back-up services?
Even if the answer is “yes” to question one, there are still risks and vulnerabilities that can either destroy the content of a website or create a situation where your site needs to revert to an earlier version.
Sometimes hackers find the vulnerabilities and exploit them before the good guys are able to identify and patch them. Other times, the patches themselves can cause problems or “break” your site because some of the updates might not be compatible with the way your site was originally built.
In either situation, a back-up of your website will be critical to quickly regaining control of your site without having to start from scratch.
Make sure that they are backing up both your files and your database, because you will need both to get your site up and running again.
A follow-up to this question should be: “Is there a fee for this service?”
If there is a fee, that’s not an automatic deal-breaker. The important thing is that the terms are clear and everyone understands the terms of the contract.
What is your Service Level Agreement?
The Service Level Agreement (SLA) is the most direct statement from a Web Hosting Provider indicating what the customer will receive including a guarantee on uptime (the opposite of downtime).
The first two questions – about updates and back-ups – are all measures to reduce downtime from outside threats, but there are times when your site will need to be down to install those updates and perform those back-ups. These behind-the-scenes maintenance activities are typically performed during periods of low site activity to minimize user disruption.
These temporary outages are unavoidable, but they can be minimized and it is important that the provider is able to guarantee a 98-99% uptime.
Anything less than this will start to have a negative impact on your site’s performance.
What is your security policy?
Along with the SLA, you should ask your Web Hosting Provider about their security policy.
So far we’ve been concerned with external threats, but the security policy will also outline the standards with which employees of the Web Hosting Provider will handle your site.
Customers put incredible amounts of trust in their Web Hosting Provider without hesitating, but internal security is one place where the customer should feel comfortable asking for specifics.
For example, you often trust your Web Hosting Provider (and its employees) with full access to your site at the admin level. You are smart, so you have developed the most secure password system in the world for you and your employees, but if the Web Hosting Provider is less scrupulous or uses silly, easy-to-remember passwords…
Your site is only as safe as its weakest password.
The security policy is a statement from your provider that their password policy is as secure as possible and that passwords aren’t being shared.
Is there a charge to export my site?
Managing a business is complicated. Your needs and budget will always be changing, and it is important to know that your website will be able to grow and change with you.
There is a common misconception that the customer owns the content and the host merely provides the digital real estate. If you don’t ask about the export policy up front, it’s possible that you could discover that the content of your site is locked into that site and either disappears when the contract isn’t renewed or will only be released to the new Web Hosting Provider for a fee.
This is a tactic that is used to make it as undesirable as possible to ever leave. It’s not a stretch to suggest that your website is being held hostage. It might be an effective strategy, but it’s not good business.
And it’s unnecessary.
If a Web Hosting Provider is satisfying your needs in the first four questions, then customers will stay with that host as a long-term business relationship – a point of stability in an ever-changing business landscape.
At LaunchUX, we pride ourselves on being a full-service host including security patches and back-ups with minimal downtime so you know that your site is in good hands. We don’t charge a fee to export your site because we will do whatever it takes to satisfy your web hosting needs.
Contact us today to discuss how we can launch your site – design, building and hosting – today.