Originally Posted by setishock
Even with a private server box on a private server farm, if someone wants in they'll find a chink in the armour and get in. Server security can be taken only so far and the rest is how secure you make your site. Use a top name program or have one custom written with security in mind.
is great software and out of the box is very secure. It's when mods are made or mods installed you open up some holes that tend to get hammered.
Bottom line a server and the site are only as safe as you'll make them.
I couldn't agree more!
Personally, I've got three takes on this.
If you're a small player, (like me) with just a couple of sites, you take the cheap option. I'm hosting on a shared server.
The site is custom written with security in mind, although that won't really matter if there is an exploit on the server (with someone else's site) or if a person with shell access has their account compromised, and there is some other bug that would let that compromised account get root.
The only personal data that I have on my site is Name and Email address as well as sign up IP, Sign up time, and from the Sign up IP a guess at location from a geoip database. So I don't have a lot of privacy concerns, and as far as I am aware am complying completely with the applicable UK law (my server is in the UK, and it's a co.uk website).
The reason I keep the name is so I can address newsletter emails to people. I obviously need the email address to contact them. The rest of the information is purely for their benefit: when they follow an un-subscribe link their data is presented to them (so they can figure out how they signed up). The geo-location is for my benefit so I can run region specific sale events on an online store. (I hand off all payment processing to PayPal.)
2, if I stored anything more personal (and I'm a small player still), then I need dedicated hosting, and run regular security scans against my server, AND update the server whenever new software comes out, AND have a test setup like my server so that I can evaluate new versions of software before I install on my server, AND have custom written security focused software.
(That means all form data escaped, all queries written such that if you expect a number, only numbers are allowed, etc.) Security is a journey and it doesn't just happen by itself!
3, when you're a big player, (I mean very big player) you come to a managed services company like I work for.
We design sites, and host sites, run monthly security scans, do security updates, take care of admin, talk to people like Akamai for worldwide caching etc...
When I say we design sites, I mean there is a separate department in the company for each of these things, not just one guy. There are teams of developers, teams of webmasters, teams of server admins (that's what I do), and we have a security department responsible for running security scans and responding to threats. There is a team of DBAs etc... We sort out backups, have a 24 hour service desk, active monitoring, on call teams to respond to incidents. We have guaranteed uptime, with real financial penalties.
The trouble is that it all costs money.
The shared server that I host my few sites on for a small home business my girlfriend runs is £14.99 a year. (Like you, I asked plenty of questions before signing up. That half hour answering questions over the course of about 4 emails probably busted all their profit for the year!)
At work (the option 3) we don't really have many customers who aren't paying less than a couple of hundred thousand a year. (of course none are single servers!)
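
The two rules mentioned in the post above ("all form data escaped" and "if you expect a number, only numbers are allowed"), applied to the un-subscribe page it describes. This is an added example, not part of the original post or the poster's code; the `subscribers` table and all function names are hypothetical.

```python
import html
import ipaddress
import re
import sqlite3

def make_db():
    # Hypothetical schema holding the fields the post lists.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE subscribers ("
               "id INTEGER PRIMARY KEY, name TEXT, email TEXT, signup_ip TEXT)")
    return db

def parse_id(raw):
    # "If you expect a number, only numbers are allowed": ASCII digits only,
    # bounded length, checked before the value goes anywhere near a query.
    if not re.fullmatch(r"[0-9]{1,9}", raw or ""):
        raise ValueError("id must be a number")
    return int(raw)

def add_subscriber(db, name, email, signup_ip):
    ipaddress.ip_address(signup_ip)  # raises ValueError on a malformed IP
    if not re.fullmatch(r"[^@\s]+@[^@\s]+\.[^@\s]+", email):
        raise ValueError("bad email address")
    # Placeholders keep form data out of the SQL text entirely.
    cur = db.execute(
        "INSERT INTO subscribers (name, email, signup_ip) VALUES (?, ?, ?)",
        (name, email, signup_ip))
    return cur.lastrowid

def unsubscribe_page(db, raw_id):
    sub_id = parse_id(raw_id)
    row = db.execute(
        "SELECT name, email, signup_ip FROM subscribers WHERE id = ?",
        (sub_id,)).fetchone()
    if row is None:
        return "<p>No such subscription.</p>"
    # Stored form data is escaped on the way out, so markup typed into the
    # name field is shown as text instead of being rendered.
    name, email, ip = (html.escape(value) for value in row)
    return f"<p>{name} &lt;{email}&gt; signed up from {ip}</p>"

if __name__ == "__main__":
    db = make_db()
    # Constructed sample input using documentation-reserved values.
    sid = add_subscriber(db, "<b>Ann</b>", "ann@example.com", "192.0.2.10")
    print(unsubscribe_page(db, str(sid)))
```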