It’s not too surprising that the web is more complicated than most people are aware. There are some who probably still think that there is a single server delivering files that are just like any other document.

In reality, the web is made up of an ecosystem of different pieces of hardware and software. Most web pages are delivered with the help of a database and a lot of software to make it appear properly in your browser. After the content is assembled, it is usually cached for future use. The website might sit on a physical server or a virtual server. Busy sites might have many servers distributed in various data centers around the world.

Some static content may be delivered through a Content Delivery Network (CDN). This is a special network of servers where you can store your static content which will serve the file which will be fastest for the visitor.

Most small organizations just aren’t knowledgeable enough about their website to understand all the inter-related software and services that are involved, and why should they be, unless they are in the business.

It matters when people start thinking about securing their site. Far too often something is forgotten or not fully understood. We find that when people procure their own hosting solutions they assume that their provider is taking care of upgrades. Usually this isn’t the case, with the competitive nature of web hosting, generally all you can rely on is reliable power and Internet access.

The Linux kernel occasionally requires security upgrades which only take effect after the server has been restarted. Web servers like Apache and Nginx needed to be restarted after some upgrades too. Most organizations would like to have some control over when this is happening.

Sometimes updates have impacts on other pieces of the infrastructure. Countless websites have gone down because an upgrade was done on the server which impacted the sites which were hosted on it. With evolving languages like PHP, it is not unusual for functions to change names, have their functionality modified, or be deprecated and removed between releases.

Likewise, upgrades to CMS’s sometimes fail because they require more up-to-date versions of code on the server. For example, the performance improvements in PHP 7 are considerable. A lot of people will want to move to the latest code base for that reason alone, but don’t expect to be able to run your Drupal 7 site on it just yet.

Web hosting and application development are different fields, and one cannot simply outsource security upgrades for someone else to do. No web hosting company can “take care” of your server security in isolation of the application that is running on it. Ultimately, someone familiar with your website and its content needs to be involved in performing security upgrades.

Make sure you know what software you are using to deliver your website and keep it up-to-date. The need for organizations to understand security has never been higher.

Share on LinkedIn Share with Google+
More Articles

  • Thanks for a great article, Mike. One of the best things you can do to protect your website today is to take a backup of both the web files and the database and then store those files somewhere safe.

  • Agreed, website security is a concern that should not be taken lightly. Going with a reliable web hosting provider is a must. Trend of managed cloud
    hosting is increasing as it is cheap, reliable and easy to use. Cloudways is one of the best managed WordPress
    cloud hosting platform

  • I wanted to quickly reply to @8thsphere:disqus. Backing up your file system & database is great. Testing that you can restore your site from that backup is even better. Many people are surprised that backups aren’t always included with a web hosting account. Even if backups are being done by the web host, often it isn’t done in a rotation that allows the protection that people think they are paying for.

    How often you should back up your data (db & file system) really depends on how much risk you want to take. Do you need to back up monthly, weekly, daily? Can those backups be stored in the cloud. How often do you test that data?

  • Insightful article, Mike. Security is really an important factor to keep in mind while developing and hosting a website. Now a days, people are preferring cloud hosting because of its security and pay-as-use features. Here, the considerable point is to buy a hosting from a renowned hosting provider and ZNetLive is one of them I picked private cloud hosting from.

  • Daniel Henny

    This is very informative post . you can also know more about Custom Web Development Companies Coimbatore