Security

Recently, I have been thinking about security systems in general. My bank counselor tried to sell me online banking. Something, I have been reluctant to use for years since I have a deep mistrust in internet security. As far as this blog post is concerned, the counseling interview produced two interesting points:

In my earlier blog post "Using Druapl on shared hosting... Don't" I wrote about why, for security reasons, you should never ever even consider to use shared hosting plans in conjunction with a(ny) content management system. This time, let's talk about motives for attacking webservers and why you should take the risk of a break-in serious, even if your website is just a personal blog or a forum.

In principle, there are three main motivations for breaking into a webserver:

• Monetary gains
• Showing off

I recently had this brief and very frustrating discussion about whether or not you should advice prospective webmasters to go with a shared hosting plan instead of a virtual private server in order to host their Drupal website. The main argument against a VPS was that a server in untrained hands is an easy target for hackers, whereas a shared hosting plan comes with a system administrator who takes care of things like security patches.