Let’s say for a moment you’ve achieved many of your goals. One primary goal you will immediately have is to protect your house, car and your pets. So you install CCTVs, sufficient gating and maybe get a few guard dogs. You do this because security is one of the most significant measures you will need to safeguard what you love. The same is true for your website especially one on a Shared Hosting plan. Whether it is a WordPress or a small business site, you will need sufficient security from your web hosting provider.
There are different reasons why sites hosted with a Shared Hosting plan may be deemed as more vulnerable. In this article, we break down those reasons and share what you can do to protect your website if it’s hosted on a Shared Hosting plan.
What is Shared Hosting?
When a visitor accesses your website, a web server shares the content of your site: that is, the information, images and other media content that make up your website. Now servers are expensive to purchase and operate so to have a server run solely because of one website (especially simple text-based ones), would not yield many rewards for the web host. Furthermore, some websites only need a fraction of the resources provided by a web server. The bulbs went off and Shared Hosting was born. Shared Hosting then is a service where multiple websites ‘share’ one web server. For this reason, Shared Hosting plans are usually low because providers have the ability to host thousands of websites on one server.
5 Security Risks Of A Shared Hosting Plan
Here are 5 security risks that come along with Shared Hosting.
1. Shared Directory
Think of Shared Hosting as owning a room on an apartment building. To get to your room, there are many communal spaces that you will share with other residents like the lobby, elevator, hallways and so forth. If persons aren’t careful, unscrupulous persons can gain access to these spaces and eventually may present themselves as a threat to your room.
In the case of Shared Hosting, one directory exists that is shared by multiple websites. Although your content is different and comes with a separate domain, sharing this singular directory means that your site files are linked to other websites on the server.
Just like the apartment building analogy, if hackers gain access to this directory, all the sites are now vulnerable including yours.
2. IP Address Sharing
Another vulnerability is within Internet Protocol (IP) addresses. All computers and other devices used to access the internet has an IP address like 22.214.171.124 for example. Web servers used by web hosts also use an IP address. In the case of shared servers, all websites that are hosted on the server will have the same IP address. If the case should so arise that a website on this shared server commits an infraction say spams clients, the IP will be blacklisted and tagged as malicious.
As a result of this a number of things may happen:
- Flagged for malicious content. Your website will be recognized as by firewalls as malicious.
- Your emails will be sent to your clients spam because providers like Gmail will blacklist your IP address.
- Your website will be blacklisted by Search engines like Google (thankfully not one run by Raymond Reddington but just as serious) and your site will be regarded as insecure.
3. DDoS Attacks
Whenever there is an increase in traffic on a server that is shared, the operation of your site may become slow. Hackers in attacking a website can program malicious bots to spike the traffic on a website. If a hacker performs a Distributed Denial of Service (DDoS) on a website that is on a shared server, your website will be impacted.
4. Slow Load Time
Your website can become collateral damage if the shared server is hacked which in turn will directly impact your site’s performance. In this stead, the resources of the shared server is being used by that hacked site. This results in slowing down your website causing it to become inaccessible or unresponsive.
4 Ways To Protect Your Website
Now that we have outlined the security risks associated with Shared Hosting plans, let’s look at how to fix it.
1. Install a Security Plugin
If you decide on a Shared Hosting or not, this is one security measure you should implement on your website. A strong resistance against hackers is a reliable WordPress security plugin. If access to a shared server is gained by a hacker a security plugin will notice this activity and warn you.
2. Setup File Permissions
As outlined before, your files on a shared server are vulnerable as hackers will aim to invade your directories. This can be prevented by setting file permissions on your files so that you are the only one that can access your files. To do so, you will need to install cPanel in your hosting account.
3. Review your Shared Host
It will come in handy to conduct your independent research on hosting providers and reviewing the security measures they implement with their service. Another option is to contact their customer support center and actively inquire about information concerning security. Some providers have anticipated some of these concerns and have gone ahead and published an FAQ section on their site which you can review.
4. Block PHP Execution for Unknown Folders
The final recommendation is to Block PHP Execution where there are unknown folders. Hackers often use the programming language PHP to do their unscrupulous activity. As mentioned before, when they invade your privacy/breach your website folders, they have the ability to spam your clients and perform other nefarious acts. With this said, you can block unauthorized PHP access to your folders. This can be done manually or with your web hosting providers’ help.
Well there you have it, 5 security risks you should know about when using a Shared Hosting plan and ways to secure your website from these risks. The importance of security cannot be understated as it is one of the fundamental pillars to your websites’ success. Shared Hosting plans are great for small websites especially those that are new. However, as you see increase in traffic, you may want to consider upgrading to a VPS or Dedicated Hosting plan. With these plans, there are greater levels of security and performance. Employing these measures should keep your website secure on any Shared Hosting plan. It may be quite a different thing to protect your house on the hill though.