Be Wary of Host Rating Sites

Doug — Thu, 28 May 2009 14:29:37 +0000

I don’t know about you, but when I look into purchasing a product or service, my first point of call is usually a quick google search. Terms such as: “ review” or “ sucks” will pretty soon let you know if your decision is going to be a potentially bad one. The great part about looking for information this way is that you’re less likely to come across biased (particularly financially) results that may give you the wrong impression.

It’s a sad fact that most, if not all host rating websites, are based on not how good a host is – but how much money the hosts pay to appear in their lists. That’s right. Hosts pay to have their names appear in the top 10 list. The number 1 spot? That’s right, like an eBay auction it goes to the highest bidder.

Please be wary of these so-called “host rating” websites. The best way to obtain an accurate representation of a hosting service is to utilise social methods. Take a look on Twitter, see what people are saying. Look on various forums, particularly www.webhostingtalk.com and discover what REAL people are saying about these services.

Good luck in your search.

Tweet This Post

Quick WordPress/Forum Admin Security Tip

Doug — Thu, 14 May 2009 00:54:33 +0000

WordPress, vBulletin, PHPBB, . All very fantastic scripts that work to make our websites even more awesome. It’s no surprise that with scripts this popular, security vulnerabilities are found from time to time. Whilst these are often not that serious, what can we do to make these even more secure?

One method we often try and implement around our own sites, and suggest to clients, is that they lock down the administration backends of their scripts via IP address. Now, this isn’t an ideal solution if you have a dynamic IP address or want to access things on the move, but it can certainly dramatically reduce the “hack” attempts on your websites, even if someone manages to obtain your password!

To explain what we mean, imagine a clean installation of wordpress. Most people know that to access the wordpress admin panel you simply add /wp-admin/ to the end of the URL, right? To add an additional layer of security, we can create a very simple .htaccess file in this wp-admin folder, denying all accesses but to a single IP address:

Deny from all # Deny access to everyone Allow from 127.0.0.1 # Allow our IP address ErrorDocument 403 http://www.google.com # Redirect

Simply broken down, this .htaccess file will deny everyone access to the wp-admin folder except for the IP address(es) listed in the “Allow from” lines. Anyone not in that list will be redirected to the URL From within the “ErrorDocument 403″ line. As you can probably guess, even if they have a valid username and password, it won’t make any difference. If their IP address isn’t in the file, they aren’t getting in!

To use this you would naturally replace “127.0.0.1″ with your IP address. Not sure what your IP address is? Find out here. Want to add multiple IP addresses? Just add multiple “Allow from” lines, one after the other.

A very quick and “dirty” tip, but one that can often be very useful for those with static IP addresses.

Tweet This Post

ThisWebHost - The Official Blog » tips

Be Wary of Host Rating Sites

Quick WordPress/Forum Admin Security Tip