<?xml version="1.0"?>
<?xml-stylesheet type="text/css" href="https://learn.equalit.ie/mw/skins/common/feed.css?303"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
		<id>https://learn.equalit.ie/mw/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=Hugh</id>
		<title>learn.equalit.ie - User contributions [en]</title>
		<link rel="self" type="application/atom+xml" href="https://learn.equalit.ie/mw/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=Hugh"/>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Special:Contributions/Hugh"/>
		<updated>2026-05-22T07:20:43Z</updated>
		<subtitle>User contributions</subtitle>
		<generator>MediaWiki 1.23.1</generator>

	<entry>
		<id>https://learn.equalit.ie/wiki/Secure_hosting_guide</id>
		<title>Secure hosting guide</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Secure_hosting_guide"/>
				<updated>2014-05-18T18:24:08Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: /* Step 3: Plan for contingency and threat mitigation */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;__NOTOC__&lt;br /&gt;
&lt;br /&gt;
This document is the result of a collaborative project between [http://www.huridocs.org/ Huridocs] and [https://equalit.ie eQualit.ie]. &lt;br /&gt;
&lt;br /&gt;
==Useful References==&lt;br /&gt;
* [https://github.com/OpenInternet/MyWebsiteIsDown/blob/master/MyWebsiteIsDown.md What to do when your website goes down]&lt;br /&gt;
* [http://en.flossmanuals.net/wordpress/ Building a Wordpress site] and then the [http://moz.com/blog/the-definitive-guide-to-wordpress-security Guide to secure Wordpress set-up]&lt;br /&gt;
* [http://en.flossmanuals.net/video-hosting-guide-t/index/ Independent video hosting]&lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
Hosting a website that can withstand various malicious attacks and unauthorised access attempts is not an easy task. There are several approaches to mitigating digital threats and reducing your site's vulnerabilities. There is no one-size-fits-all solution, however, and a site's owners or administrators should plan for various contingencies well in advance, in light of their financial situation and technical expertise. This guide describes several scenarios and various approaches to secure hosting. &lt;br /&gt;
&lt;br /&gt;
==Step 1: Decide on your level of technical expertise==&lt;br /&gt;
Many of the choices made within this guide will depend on your level of technical expertise in dealing with server configuration and maintenance. Evaluate your situation honestly and try not to exceed this level. We will use the following key to indicate the difficulty associated with each type of activity. &lt;br /&gt;
&lt;br /&gt;
*'''High Technical''' - multiple experiences of server administration; can confidently install and update server software (Apache, MySQL, mail server), OR has access to a consultant with these skills. Do not attempt to learn as you go!&lt;br /&gt;
*'''Intermediate Technical''' - some experience of server administration; can install and manage web services software by following guides; can use SSH and the command-line interface&lt;br /&gt;
*'''Basic Technical''' - no experience of server management; can use software management interfaces such as cPanel&lt;br /&gt;
&lt;br /&gt;
'''Required''' - basic knowledge of Internet infrastructure and addressing is required if you want to maintain anything on the Internet (Facebook, Twitter and other social networks excepted) that is meant to stand the test of time. Please read through [http://equalit.ie/esecman/appendix_b.html Appendix B - Internet explained] to get the basics and go on from there. You need to know a little about architecture before building your house.&lt;br /&gt;
&lt;br /&gt;
==Step 1: What are you planning to host?==&lt;br /&gt;
*[[Website]] - standalone website, blog, forum&lt;br /&gt;
&lt;br /&gt;
==Step 2: What are your hosting options==&lt;br /&gt;
Each category includes details of its hosting options; for additional reference we include here the core hosting types and a methodology for choosing a hosting provider:&lt;br /&gt;
&lt;br /&gt;
*[[Choose a hosting provider]]&lt;br /&gt;
*[[Choose a name registrar]]&lt;br /&gt;
*[[Geography, lesgislation and terms of service]]&lt;br /&gt;
&lt;br /&gt;
==Step 3: Plan for contingency and threat mitigation==&lt;br /&gt;
For each form of system use, the relevant threats and strategies to mitigate them are included. These approaches are ordered by the technical ability they require. The following topics are relevant to all setups:&lt;br /&gt;
&lt;br /&gt;
*[[Data_Backup|Data backup and recovery]]&lt;br /&gt;
*[[Access Restrictions]]&lt;br /&gt;
*[[Data Encryption]]&lt;br /&gt;
*[[Monitoring]]&lt;br /&gt;
*[[Webserver setup]]&lt;br /&gt;
*[[Secure connections]]&lt;br /&gt;
*[[Brute_Force_DDOS| Denial of Service and Brute Force attacks]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category: Secure Hosting]]&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Website</id>
		<title>Website</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Website"/>
				<updated>2014-05-18T16:30:17Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;==Definition==&lt;br /&gt;
A website may be an organisation's main information portal, where it publishes material about itself, its work and projects, and the articles or reports it has produced. It can also take the simpler form of a standalone blog where content is shared with the intended audience, or be a forum or wiki where user-generated content is published and shared. &lt;br /&gt;
&lt;br /&gt;
An organisation usually depends entirely on its main website as its presence on the Internet and expects it to function at all times.&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;toccolours mw-collapsible mw-collapsed&amp;quot; style=&amp;quot;width:800px&amp;quot;&amp;gt;&lt;br /&gt;
==High Technical==&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
===DIY CMS===&lt;br /&gt;
There are numerous well-developed and continually maintained content management systems that you can install and configure from scratch. They differ in their application and intended purpose, but the majority rely on a [http://en.wikipedia.org/wiki/LAMP_(software_bundle) LAMP] or [http://en.wikipedia.org/wiki/WAMP#Variants_and_equivalents_on_other_platforms WAMP] backend. Each CMS has its own particular requirements for webserver, database server and PHP configuration, as well as its own security considerations. &lt;br /&gt;
&lt;br /&gt;
'''Benefits'''&lt;br /&gt;
*Total control of the CMS software, plug-ins, themes and preferred configuration&lt;br /&gt;
*Fine-grained access control and modification of CMS features&lt;br /&gt;
&lt;br /&gt;
'''Downsides'''&lt;br /&gt;
*A whole software ecosystem to learn with every new CMS&lt;br /&gt;
*Responsibility for software updates and malware protection&lt;br /&gt;
*Responsibility for data security &lt;br /&gt;
&lt;br /&gt;
'''Examples'''&lt;br /&gt;
* [http://codex.wordpress.org/Installing_WordPress Wordpress.com] installation&lt;br /&gt;
* [https://civicrm.org/ CiviCRM] is an open source CRM environment intended for civil society use.&lt;br /&gt;
* [https://www.djangoproject.com/ Custom Django app] allows quick creation of content-rich, high-functionality websites. Django's security features are well [https://docs.djangoproject.com/en/dev/topics/security/ documented] and well integrated. Development of a Django app will require developer time and potentially also some design work.&lt;br /&gt;
* [https://drupal.org/ Custom Drupal site], again a ready-made configurable solution with well-developed security integration, though as with the other solutions security relies on a holistic approach that includes server-side security.&lt;br /&gt;
'''Hosting Requirements'''&lt;br /&gt;
*[[Choose_a_hosting_provider#High_Technical]]&lt;br /&gt;
&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;toccolours mw-collapsible mw-collapsed&amp;quot; style=&amp;quot;width:800px&amp;quot;&amp;gt;&lt;br /&gt;
&lt;br /&gt;
==Intermediary Technical==&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
===Hosted CMS===&lt;br /&gt;
&lt;br /&gt;
'''Benefits'''&lt;br /&gt;
* Depending on the hosting package, support and updates will be handled by the provider, reducing the need for technical knowledge&lt;br /&gt;
* Straightforward and fast to set up&lt;br /&gt;
* Greater usability for low-tech users&lt;br /&gt;
* Potentially lower cost&lt;br /&gt;
&lt;br /&gt;
'''Downsides'''&lt;br /&gt;
* Subject to the terms and conditions of the provider - controversial information, or information that draws large-scale attacks such as DDoS, may cause the provider to rescind service.&lt;br /&gt;
* No control of hardware systems&lt;br /&gt;
* Reliant on the provider to apply software security updates&lt;br /&gt;
* Limited control of the jurisdiction or geographic area in which the site is hosted.&lt;br /&gt;
* Reliance on the provider's support, which may not be available in your local language&lt;br /&gt;
&lt;br /&gt;
'''Examples'''&lt;br /&gt;
* [http://wordpress.com/ Wordpress.com]&lt;br /&gt;
* [http://wpengine.com/ WPEngine]&lt;br /&gt;
* [http://tumblr.com Tumblr]&lt;br /&gt;
'''Hosting Requirements'''&lt;br /&gt;
*[[Choose_a_hosting_provider#High_Technical]]&lt;br /&gt;
*[[Choose_a_hosting_provider#Intermediary_Technical]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;toccolours mw-collapsible mw-collapsed&amp;quot; style=&amp;quot;width:800px&amp;quot;&amp;gt;&lt;br /&gt;
&lt;br /&gt;
==Basic Technical==&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
&lt;br /&gt;
===Hosted website===&lt;br /&gt;
For a basic setup providing a content distribution platform such as a blog, users have the option of using existing free services such as Wordpress, Journoportfolio or similar.&lt;br /&gt;
&lt;br /&gt;
Care should be taken when considering a free service that offers a hosted CMS. Some free hosted CMS providers will not offer a good experience: sites that are problematic or troublesome may be taken offline without notice and with no recourse, as the provider is under no obligation to serve the user. &lt;br /&gt;
&lt;br /&gt;
'''Benefits'''&lt;br /&gt;
* No technical barrier to entry&lt;br /&gt;
* Support provided by a commercial company with an interest in protecting its reputation, both in terms of uptime and in terms of avoiding security breaches&lt;br /&gt;
* Greater likelihood of support in the local language, at least in terms of documentation&lt;br /&gt;
&lt;br /&gt;
'''Downsides'''&lt;br /&gt;
* Lack of control of any systems underlying the website&lt;br /&gt;
* Reliance on the provider for support&lt;br /&gt;
* Subject to the provider's terms and conditions, which may restrict publications&lt;br /&gt;
&lt;br /&gt;
'''Examples'''&lt;br /&gt;
* [http://squarespace.com SquareSpace]&lt;br /&gt;
'''Hosting Requirements'''&lt;br /&gt;
&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;toccolours mw-collapsible mw-collapsed&amp;quot; style=&amp;quot;width:800px&amp;quot;&amp;gt;&lt;br /&gt;
&lt;br /&gt;
==Comparison Matrix==&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; width=&amp;quot;60%&amp;quot;&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| '''DIY CMS'''&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| '''Hosted CMS'''&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| '''Hosted Website'''&lt;br /&gt;
|-&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| High technical skill&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Intermediary technical skill&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Basic&lt;br /&gt;
|-&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| &lt;br /&gt;
|-&lt;br /&gt;
&lt;br /&gt;
|}&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&lt;br /&gt;
[[Secure_hosting_guide|Back to front page]]&lt;br /&gt;
[[Category: Secure Hosting ]]&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Choose_a_hosting_provider</id>
		<title>Choose a hosting provider</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Choose_a_hosting_provider"/>
				<updated>2014-05-18T16:30:12Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;__NOTOC__&lt;br /&gt;
===Criteria===&lt;br /&gt;
*Price - relative to the services offered&lt;br /&gt;
*Reputation - are they well known, have they had security breaches or reports of poor support, do they adhere to principles in line with those of your organisation, such as data privacy or protection of human rights defenders?&lt;br /&gt;
*Specialisation - do they work in the field of human rights, software applications or general hosting?&lt;br /&gt;
*Is mail provided?&lt;br /&gt;
*Hardware specifications&lt;br /&gt;
*Operating systems offered&lt;br /&gt;
*Support provided&lt;br /&gt;
*Readily discusses your security concerns and which security features and processes they offer with their hosting.&lt;br /&gt;
*Provides the most recent stable versions of all server software.&lt;br /&gt;
*Provides reliable methods for backup and recovery.&lt;br /&gt;
*Provides encryption options for hosting of sites or mail.&lt;br /&gt;
&lt;br /&gt;
==Secure hosting setups==&lt;br /&gt;
Depending on available skill level the following secure system setups are possible:&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;toccolours mw-collapsible mw-collapsed&amp;quot; style=&amp;quot;width:800px&amp;quot;&amp;gt;&lt;br /&gt;
==High Technical==&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
===Dedicated Server===&lt;br /&gt;
For a [[Dedicated_Hosting | Dedicated Hosting]] system, the user can either run their own physical hardware or rent this hardware from a provider. The former offers total control of the physical hardware; however, there are significant downsides to this approach and it should be avoided, being recommended only under special circumstances such as [[Sensitive_Data | storing sensitive data]]. In the latter case, the hosting provider supplies the hardware but the user has total control of the server via remote access. In this scenario the provider is responsible for replacing hardware parts that fail or malfunction; this support is generally handled through a ticket system and relies on the user to report errors.&lt;br /&gt;
&lt;br /&gt;
'''Benefits'''&lt;br /&gt;
*User has total control of the system's software&lt;br /&gt;
*User has total control of access rights&lt;br /&gt;
*User has control of the network connection, allowing them to whitelist permitted connections and block spurious ones&lt;br /&gt;
*Financial cost of hardware malfunction is not an issue, as the host is responsible for replacing or repairing failing hardware&lt;br /&gt;
*The host can be chosen so that the server is placed in a different jurisdiction from the user's, to prevent seizure&lt;br /&gt;
&lt;br /&gt;
'''Downsides'''&lt;br /&gt;
*The user does not have physical access to the server&lt;br /&gt;
*The host is not responsible for data loss or downtime if the physical server fails&lt;br /&gt;
*With some providers, the user is responsible for detecting and reporting hardware faults&lt;br /&gt;
*The time taken to repair a hardware malfunction depends on the provider chosen. See [[Choosing_A_Host | Choosing a hosting provider]].&lt;br /&gt;
*The contract can be terminated by the host and access to the server can be terminated or suspended depending on the host's terms of use.&lt;br /&gt;
&lt;br /&gt;
===VPS===&lt;br /&gt;
A Virtual Private Server (VPS) is an instance of a virtual operating system running on a much larger server. Typically multiple VPSs are run on a single physical server. In a VPS environment you have a dedicated virtual private server but do not control the server on which it is hosted. Resources will be limited, and you cannot control or harden the outer server.&lt;br /&gt;
&lt;br /&gt;
'''Benefits'''&lt;br /&gt;
*The cost of this type of server will typically be significantly lower than that of a dedicated server&lt;br /&gt;
*Depending on the host, the server will be capable of running most standard server software, up to a certain limit&lt;br /&gt;
*Hardware is managed by the hosting provider unless self hosting&lt;br /&gt;
*If self hosting, a single server can be used for multiple purposes and to provide multiple distinct servers&lt;br /&gt;
&lt;br /&gt;
'''Downsides'''&lt;br /&gt;
*Processing power will be more limited than on a dedicated server but, depending on the hosting provider, should be capable of running small- to medium-capacity websites&lt;br /&gt;
*Bandwidth will also be restricted&lt;br /&gt;
*Potential risk of the provider, law enforcement or other state forces accessing the contents of the virtual server without the user's awareness.&lt;br /&gt;
*The user will not have access to the outer server and will thus not be able to harden it&lt;br /&gt;
&lt;br /&gt;
===Threats===&lt;br /&gt;
*Social engineering attack&lt;br /&gt;
*Password brute force&lt;br /&gt;
*Service interruption through denial of service attack&lt;br /&gt;
*System software exploits&lt;br /&gt;
*SSL man-in-the-middle attacks&lt;br /&gt;
*Data loss or data theft&lt;br /&gt;
&lt;br /&gt;
===Mitigation===&lt;br /&gt;
'''Password management''' is the core of any security strategy. For the dedicated and VPS hosting options, there are several modes of control that administrators can apply.&lt;br /&gt;
&amp;lt;ol&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Enforce strong passwords - a strong password should contain upper- and lower-case characters, numbers and special characters, and should be long: greater than 20 characters. It is also possible to prevent reuse of previously used passwords. On Linux systems the following PAM configuration line can be used to force complex passwords for users:&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
 # minlen=12 sets the minimum length; a negative credit value is a requirement, so this line&lt;br /&gt;
 # demands at least 1 lower-case, 1 upper-case, 2 digit and 1 other character (positive values only award credit)&lt;br /&gt;
 password required pam_cracklib.so minlen=12 lcredit=-1 ucredit=-1 dcredit=-2 ocredit=-1&lt;br /&gt;
&lt;br /&gt;
For more detail, refer to the guide [http://www.linux-faqs.info/security/force-strong-passwords Force strong passwords]&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Use password aging: the &amp;lt;tt&amp;gt;chage&amp;lt;/tt&amp;gt; command on Linux servers allows checking of a user's password age and setting of password aging parameters [http://linoxide.com/linux-command/password-expire-chage-command/ link].&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
In some cases it may be prudent to enable account locking for accounts that have been under particularly concerted attack. On Linux systems, the faillog command can be used to check failures and to set failure limits. For more details see [http://www.cyberciti.biz/tips/rhel-centos-fedora-linux-log-failed-login.html Faillog]. Great care should be taken when enabling account locking, as an attacker can deny users access to their own services simply by intentionally locking an account. Generally it is better practice to ban the attacker before account locking becomes necessary. &lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Use password management software - a tool such as KeePass, or KeePassX for Linux and Mac, allows users to easily generate, store and manage complex, difficult-to-crack passwords. Refer to this guide for details on [https://securityinabox.org/en/keepass_main KeePass]&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;/ol&amp;gt;&lt;br /&gt;
'''User Management''' on dedicated or VPS systems allows administrators fine-grained control of user login and access permissions.&lt;br /&gt;
&amp;lt;ol&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Root user login should be disabled by default; the &amp;lt;tt&amp;gt;sudo&amp;lt;/tt&amp;gt; package should be installed and all superuser actions run through it.&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Secure Shell (SSH) login should be enforced; telnet and FTP login access should be disabled by default. To upload files to the server securely, users can use SFTP (SSH File Transfer Protocol) clients. &lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Private keys should be used for SSH login. The following guide gives details on generating and setting up public/private key pairs for SSH login: [http://support.suso.com/supki/SSH_Tutorial_for_Linux SSH tutorial]. Once SSH keys have been set up for all relevant users, disabling password-based logins should be considered. &lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
File permissions should be restricted for critical files. Users should only be allowed access to files relevant to their work. Execution as root should be restricted. See this discussion of [http://www.linux.com/learn/tutorials/309527-understanding-linux-file-permissions Linux file permissions].&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;/ol&amp;gt;&lt;br /&gt;
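An added example, not part of this wiki guide: a POSIX shell check that reads an sshd_config on stdin and reports whether root login is disabled, public-key login is enabled and password login is disabled, as the user-management points above recommend. The sample configuration is constructed for the example; the OpenSSH defaults and keyword handling it relies on are stated as assumptions in the comments.&lt;br /&gt;

```shell
#!/bin/sh
# Added example (not from the eQualit.ie guide): audit OpenSSH server settings
# against the user-management recommendations: root login off, public-key
# login on, password login off. The configuration text is read from stdin.
#
# Assumption: sshd keeps the FIRST uncommented value it reads for a keyword,
# and keywords after the first "Match" line are conditional, so only the
# global section before any Match block is considered.

# effective_value KEYWORD : first uncommented global value of KEYWORD in $CFG,
# printed in lower case (empty if the keyword is absent).
effective_value() {
  printf '%s\n' "$CFG" | awk -v key="$1" '
    /^[[:space:]]*#/ { next }                       # skip comment lines
    tolower($1) == "match" { exit }                 # stop at first Match block
    tolower($1) == tolower(key) { print $2; exit }  # first value wins
  ' | tr '[:upper:]' '[:lower:]'
}

# audit_sshd_config : read sshd_config on stdin and print one OK/FAIL line
# per recommended setting.
audit_sshd_config() {
  CFG=$(cat)
  for pair in "PermitRootLogin:no" "PubkeyAuthentication:yes" "PasswordAuthentication:no"; do
    key=${pair%%:*}
    want=${pair##*:}
    got=$(effective_value "$key")
    if [ -z "$got" ]; then
      # Assumed OpenSSH defaults: PubkeyAuthentication defaults to yes, so an
      # absent keyword is acceptable; PasswordAuthentication defaults to yes
      # and PermitRootLogin is not "no" by default, so both must be set.
      case $key in
        PubkeyAuthentication) got=yes ;;
        *) got=unset ;;
      esac
    fi
    if [ "$got" = "$want" ]; then
      printf 'OK   %s %s\n' "$key" "$got"
    else
      printf 'FAIL %s is %s, expected %s\n' "$key" "$got" "$want"
    fi
  done
}

# failure_count : number of FAIL findings for the sshd_config given on stdin.
failure_count() {
  audit_sshd_config | awk '/^FAIL/ { n++ } END { print n+0 }'
}

# Constructed sample: the later "PasswordAuthentication no" never takes
# effect, because sshd already accepted the earlier "yes"; the PermitRootLogin
# inside the Match block only applies to that user, not globally.
SAMPLE_CFG='Port 22
PermitRootLogin yes
PubkeyAuthentication yes
PasswordAuthentication yes
# hardening added later, but sshd keeps the first value it read:
PasswordAuthentication no
Match User deploy
PermitRootLogin no'

printf '%s\n' "$SAMPLE_CFG" | audit_sshd_config
```

Run it against a real file with `audit_sshd_config` reading from `cat /etc/ssh/sshd_config`; a non-zero `failure_count` means at least one of the three recommendations is not in effect.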
'''Software Management'''&lt;br /&gt;
&amp;lt;ol&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
System software must always be kept up to date. Critical patches are released by software vendors and operating system providers on a regular basis. Updates frequently contain fixes for vulnerabilities and bugs; if your system is not up to date it may be at risk. A recent example of this is the OpenSSL bug [https://heartbleed.com Heartbleed].&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Minimising installed software is an important step in reducing potential vulnerabilities. The system should have the bare minimum of packages and software installed to support its purpose.&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;/ol&amp;gt;&lt;br /&gt;
'''System Management'''&lt;br /&gt;
&amp;lt;ol&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Firewall (iptables)&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Check listening ports&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Logging and Auditing&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Anti-intrusion system&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
SELinux&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
fail2ban&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;/ol&amp;gt;&lt;br /&gt;
'''Apache'''&lt;br /&gt;
'''Database'''&lt;br /&gt;
'''Web app'''&lt;br /&gt;
brief desc for these three with link to web app guide&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;toccolours mw-collapsible mw-collapsed&amp;quot; style=&amp;quot;width:800px&amp;quot;&amp;gt;&lt;br /&gt;
&lt;br /&gt;
==Intermediary Technical==&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
===Hosted platform===&lt;br /&gt;
For organisations that wish to set up their own custom site based on an existing platform such as Wordpress.com, there is a set of steps that should be taken to ensure a good level of security. The [[Choosing_A_Host | choosing a hosting provider]] guide should also be consulted.&lt;br /&gt;
&lt;br /&gt;
'''Platform Security'''&lt;br /&gt;
&amp;lt;ol&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Limiting access - making smart choices that reduce the possible entry points available to a malicious person.&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;Containment - Your system should be configured to minimize the amount of damage that can be done in the event that it is compromised.&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;Preparation and knowledge - keeping backups and knowing the state of your WordPress installation at regular intervals. Having a plan to back up and recover your installation in the case of catastrophe can help you get back online faster when a problem occurs.&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Passwords&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
File Permissions&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Admin user&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
SSL&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
SFTP client&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Platform updates&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;/ol&amp;gt;&lt;br /&gt;
Hosting install of pre-built software platform, such as Wordpress,&lt;br /&gt;
&lt;br /&gt;
===Shared Hosting===&lt;br /&gt;
In a [[Shared_Hosting|Shared Hosting]] environment, you and other website owners share one server. This includes sharing the physical server and the software applications within it. Shared hosting services are affordable because the cost of operating the server is shared between you and these other owners. There are, however, a number of downsides, such as slower performance.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Threat Mitigation===&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;toccolours mw-collapsible mw-collapsed&amp;quot; style=&amp;quot;width:800px&amp;quot;&amp;gt;&lt;br /&gt;
&lt;br /&gt;
==Basic Technical==&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
For a basic setup providing a content distribution platform such as a blog, users have the option of using existing free services such as Wordpress, Journoportfolio or similar.&lt;br /&gt;
===Threat Mitigation===&lt;br /&gt;
strong passwords, 2 factor auth,&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;toccolours mw-collapsible mw-collapsed&amp;quot; style=&amp;quot;width:800px&amp;quot;&amp;gt;&lt;br /&gt;
==Comparison Matrix==&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; width=&amp;quot;60%&amp;quot;&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| '''Dedicated Server'''&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| '''Virtual Private Server'''&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| '''Shared Hosting'''&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| '''Cloud Service'''&lt;br /&gt;
|-&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| High technical skill&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Requires Intermediary technical skill&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Intermediary/Basic&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Basic&lt;br /&gt;
|-&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Allows disk/data encryption&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Allows encryption within VPS&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Limited or no control of data encryption&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Depends on provider but usually not provided&lt;br /&gt;
|-&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| SSH and private key login&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Enforce secure login for VPS&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Login via CPanel or Custom interface - some hosts offer 2 factor auth&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Depends&lt;br /&gt;
|-&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| User access control and restriction&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| User control&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Control via user accounts added through management software&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Control via management software&lt;br /&gt;
|-&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Allows SSL cert, must setup and provide own cert&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| SSL cert, must setup and provide own cert&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Allows only shared SSL cert, most host provide shared cert&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Most host platforms will provide SSL support by default&lt;br /&gt;
|-&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Total control of applications and software&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Control of software within VM, limited access to hardware depending on type of VM&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Application control only via management interface&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Depends on the cloud service - certain services will provide data access restrictions, but this is a non-ideal scenario&lt;br /&gt;
|-&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Manually maintained and updated&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Server is patched but VPS remains responsibility of user&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Patches and updates provided by host - though may lag behind depending on quality of hosting&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Depending on scale of provider - patching and support will be provided to protect their reputation&lt;br /&gt;
|-&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Limited support - hardware support and replacement depending on provider&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Similar to dedicated support&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Support is generally in terms of management software - hardware is automatically monitored by hosts&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Similar to shared though support is specific to the platform hosting&lt;br /&gt;
|-&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Anti-ddos and brute forcing via fail2ban, botnetdbp deployment&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Provider may or may not mitigate DDoS attacks&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| DDoS attacks will receive some or limited mitigation depending on quality of host, generally they will not protect against large scale attacks and may force the website to be removed&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Depending on the provider, if the attack crosses their threshold for protection they may shut down the website or ask it to leave&lt;br /&gt;
|}&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Secure_hosting_guide|Back to front page]]&lt;br /&gt;
&lt;br /&gt;
[[Category: Secure Hosting]]&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Data_Encryption</id>
		<title>Data Encryption</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Data_Encryption"/>
				<updated>2014-05-18T16:28:59Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;There are a number of options for data encryption for secure server hosting; however, for Shared Hosting or CPanel-style hosts, encryption options are very limited. For Dedicated/VPS hosting, administrators have the option of encrypting the entire disk or encrypting only the portions where sensitive file data will be stored. We will explore both approaches, noting the benefits and downsides of each.&lt;br /&gt;
&lt;br /&gt;
==Whole Disk Encryption==&lt;br /&gt;
The major issue with whole disk encryption is that a reboot will require the entry of a password before the system is mounted. To be able to do this your provider would need to give access to the machine via a KVM, which allows remote access to a keyboard console as the machine boots. This is a non-standard setup and some providers may charge additional fees for it.&lt;br /&gt;
&lt;br /&gt;
Advanced users using whole-disk encryption may set up the Dropbear SSH daemon in their boot loader, which allows for the use &lt;br /&gt;
&lt;br /&gt;
The significant benefit of whole disk encryption is that if the machine is seized by outside parties while powered off, they will have no access to the operating system or the disk itself (the decryption key exists only in memory while the system is running). This means that no data on the machine will be leaked in that eventuality. This also denies attackers the ability to modify most local system binaries to attempt to intercept passwords, provide backdoors or log user actions. &lt;br /&gt;
&lt;br /&gt;
&amp;lt;ol&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
The Linux Unified Key System (LUKS) also allows for both full and partial disk encryption.&lt;br /&gt;
&lt;br /&gt;
An in-depth tutorial for LUKS setup can be found [https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system here] and a simpler one can be found [http://www.hermann-uwe.de/blog/howto-disk-encryption-with-dm-crypt-luks-and-debian here].&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;/ol&amp;gt;&lt;br /&gt;
==Data Store Encryption==&lt;br /&gt;
An alternative to whole disk encryption is to encrypt specific portions of the disk containing the most sensitive data that must be protected. Care should be taken to encrypt both data at rest (i.e. a database such as MySQL) and &amp;quot;scratch&amp;quot; or temporary data storage (search engine technologies such as Solr, Memcached data stores etc.).&lt;br /&gt;
&lt;br /&gt;
This removes the need for entry of a boot password on reboot but it does leave any elements of the disk not encrypted open to access if the machine is seized or compromised.&lt;br /&gt;
&lt;br /&gt;
&amp;lt;ol&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
The tool [http://www.arg0.net/encfs encfs] runs in user space and allows the creation of encrypted partitions. These partitions can be mounted once the system has been booted. The tool allows for very strict control over which users can access mounted information once a partition has been decrypted, and is suited to applications where a specific user/process accesses the encrypted data. &lt;br /&gt;
&lt;br /&gt;
The encrypted partitions can be defined at variable sizes and the sensitive datastores and applications can be run from within them once the partition has been mounted.&lt;br /&gt;
&lt;br /&gt;
A guide for setting up &amp;lt;tt&amp;gt;encfs&amp;lt;/tt&amp;gt; can be found [http://www.howtoforge.com/encrypt-your-data-with-encfs-debian-squeeze-ubuntu-11.10 here]. &lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
The Linux kernel offers support for &amp;lt;tt&amp;gt;ecryptfs&amp;lt;/tt&amp;gt; partitions. These are mounted like any other local filesystem, with the benefit that the underlying device remains encrypted while unmounted. Because they are mounted by the kernel rather than in user space, they cannot be mounted by unprivileged users. &lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
The LUKS tool can also be set to encrypt only specific partitions, which are then mounted in a similar way to &amp;lt;tt&amp;gt;encfs&amp;lt;/tt&amp;gt;.&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;/ol&amp;gt;&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Monitoring</id>
		<title>Monitoring</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Monitoring"/>
				<updated>2014-05-18T16:28:56Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: Created page with &amp;quot;For both dedicated and VPS systems, monitoring should form a core component of a system's security policy. Monitoring can help detect when a security breach has happened, or w...&amp;quot;&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;For both dedicated and VPS systems, monitoring should form a core component of a system's security policy. Monitoring can help detect when a security breach has happened, or when one is about to happen. &lt;br /&gt;
&lt;br /&gt;
There are many ways that a system can be monitored - a very popular option for large deployments of servers is [http://www.nagios.org/ Nagios]. The deployment and configuration of systems as complicated as Nagios is outside of the scope of this document. &lt;br /&gt;
&lt;br /&gt;
==Email==&lt;br /&gt;
Email is, when used properly, a powerful tool for alerting administrators to anomalies within their systems. For this reason, it is important to set up proper local mail sending from your servers. This means that the command &amp;lt;tt&amp;gt;echo &amp;quot;test&amp;quot; | mail -s &amp;quot;Testing mail&amp;quot; youremail@some.site&amp;lt;/tt&amp;gt; should send valid email to your email address (even if this mail goes to your spam folder). &lt;br /&gt;
&lt;br /&gt;
==Local monitoring==&lt;br /&gt;
===Tiger===&lt;br /&gt;
The &amp;lt;tt&amp;gt;tiger&amp;lt;/tt&amp;gt; package is a powerful (if slightly dated) auditing and monitoring tool for Linux systems. It should be run on new servers to find and fix any default vulnerabilities or security issues, and after this point it should be configured to send email via the &amp;lt;tt&amp;gt;tigercron&amp;lt;/tt&amp;gt; facility. This will run &amp;lt;tt&amp;gt;tiger&amp;lt;/tt&amp;gt; scans regularly and will email administrators with warnings about changes in system state. This could, for example, warn administrators of ports that have recently started listening, suspicious processes that are running, or users whose accounts have not been used for long periods of time. &lt;br /&gt;
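The "ports that have recently started listening" check is small enough to show on its own. The script below is an added example (not from the wiki page or the tiger project): it parses the kernel's /proc/net/tcp table, compares the LISTEN sockets against a saved baseline and produces a message that can be piped to mail. The baseline path and the sample table are constructed for illustration.

```python
# Added example (not from the wiki page or the tiger project): detect newly
# listening TCP sockets by diffing /proc/net/tcp against a saved baseline.
# IPv4 only; /proc/net/tcp6 has the same layout with 32-hex-digit addresses.
import json
import os
import socket
import struct

LISTEN = "0A"   # socket state code for LISTEN in /proc/net/tcp
BASELINE = "/var/lib/listen-baseline.json"   # assumed location, any writable path works

# Constructed sample: sshd on 0.0.0.0:22, a local MTA on 127.0.0.1:25 and one
# outbound ESTABLISHED (state 01) connection that must be ignored.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12345 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12346 1 0000000000000000 100 0 0 10 0
   2: 0A000002:B3A4 5E0A1B2C:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 12347 1 0000000000000000 20 4 30 10 -1
"""


def parse_listeners(table):
    """Return the set of 'ip:port' strings in LISTEN state from a /proc/net/tcp dump."""
    listeners = set()
    for line in table.splitlines()[1:]:          # first line is the column header
        fields = line.split()
        if len(fields) >= 4 and fields[3] == LISTEN:
            hexip, hexport = fields[1].split(":")
            # the kernel prints the IPv4 address in host byte order, so unpack natively
            ip = socket.inet_ntoa(struct.pack("=I", int(hexip, 16)))
            listeners.add("%s:%d" % (ip, int(hexport, 16)))
    return listeners


def diff_listeners(baseline, current):
    """Return (new, gone) sets relative to the saved baseline."""
    return current - baseline, baseline - current


def alert_text(new, gone):
    """Human-readable report, empty when nothing changed (so cron mails nothing)."""
    if not new and not gone:
        return ""
    lines = ["Listening TCP sockets changed since baseline:"]
    lines += ["  NEW : " + s for s in sorted(new)]
    lines += ["  GONE: " + s for s in sorted(gone)]
    return "\n".join(lines)


def check_host(baseline_path=BASELINE, proc_path="/proc/net/tcp"):
    """Live check against the running host; writes the baseline on first run."""
    with open(proc_path) as f:
        current = parse_listeners(f.read())
    if not os.path.exists(baseline_path):
        with open(baseline_path, "w") as f:
            json.dump(sorted(current), f)
        return ""
    with open(baseline_path) as f:
        baseline = set(json.load(f))
    return alert_text(*diff_listeners(baseline, current))


if __name__ == "__main__":
    # From cron: python3 listen_check.py | mail -s "Listener change" admin@example.org
    msg = check_host()
    if msg:
        print(msg)
```

When a change is expected (a new service was deployed), delete the baseline file so the next run records the new state.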
&lt;br /&gt;
===Lynis===&lt;br /&gt;
&amp;lt;tt&amp;gt;lynis&amp;lt;/tt&amp;gt; is a tool that is quite similar to Tiger but is somewhat more comprehensive and is frequently updated. It should be run on an occasional basis, and on new systems, to check for any configuration issues. &lt;br /&gt;
&lt;br /&gt;
===Updates===&lt;br /&gt;
For some systems and setups, using automatic updates via the system's package manager may not be an optimal configuration option, due to specific configuration requirements, a desire to keep particular versions of software installed, or concerns over service reliability. To deal with scenarios like this, administrators should configure email alerts that warn when new packages are available, particularly critical security updates. &lt;br /&gt;
&lt;br /&gt;
The configuration of these tools varies by OS, but for example the &amp;lt;tt&amp;gt;apticron&amp;lt;/tt&amp;gt; package offers this capability to a suitable level by default. &lt;br /&gt;
&lt;br /&gt;
===Hardware warnings===&lt;br /&gt;
For users running dedicated hardware, it is vital that administrators be informed of issues related to hardware failure, particularly hard drive failure. Most Linux distributions use the &amp;lt;tt&amp;gt;mdraid&amp;lt;/tt&amp;gt; system for software RAID, and administrators should ensure that their email address is properly configured in &amp;lt;tt&amp;gt;mdadm.conf&amp;lt;/tt&amp;gt; and that the &amp;lt;tt&amp;gt;mdadm&amp;lt;/tt&amp;gt; command's test mode (&amp;lt;tt&amp;gt;mdadm --monitor --test --oneshot&amp;lt;/tt&amp;gt;) delivers mail successfully.&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Secure_connections</id>
		<title>Secure connections</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Secure_connections"/>
				<updated>2014-05-18T16:28:54Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;When communicating data to/from a server it is important that the information not be susceptible to man-in-the-middle attacks. If data is communicated over open, plain-text mediums such as FTP or HTTP then that data can be intercepted and read by any entity on any of the networks that the information passes through; this can include Local Area Networks, ISPs, or national entities.&lt;br /&gt;
&lt;br /&gt;
There are a number of steps that can be taken to protect communication channels to and from the server, though no system is 100% secure.&lt;br /&gt;
&lt;br /&gt;
&amp;lt;ol&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
'''SSL'''&lt;br /&gt;
If your website does not have an SSL certificate then all web traffic to your site will be unencrypted and potentially subject to snooping, either at the ISP level, at the level of your hosting provider, or at a level that specifically targets your site's users locally (e.g. local interception of their communications on a coffee shop's wireless network). &lt;br /&gt;
&lt;br /&gt;
Secure Sockets Layer (SSL) is a cryptographic protocol which allows secure client-server interactions. Once a secure session has been established between the client, for example your web browser, and the server, your website in this case, all the information that passes between the two is unreadable to external parties.&lt;br /&gt;
&lt;br /&gt;
In order to provide SSL for your website you must purchase an SSL certificate. This is a digital document, signed by a recognised certificate reseller, that uniquely belongs to your domain. &lt;br /&gt;
&lt;br /&gt;
An added benefit of SSL certificates is that they can aid in preventing SSL spoofing. This occurs where a malicious website pretends to be a legitimate website, or a server pretends to be the legitimate holder of the SSL certificate. &lt;br /&gt;
&lt;br /&gt;
Most modern browsers will give a warning if an SSL certificate has expired or is invalid, which may indicate a spoofed certificate.&lt;br /&gt;
&lt;br /&gt;
One of the most commonly used SSL software packages on the Internet, OpenSSL, suffered a major security flaw in the shape of the [http://heartbleed.com/ Heartbleed bug]. This left most websites using certain versions of OpenSSL open to an exploit. This incident highlights that no technology is 100% secure and that all of it requires constant monitoring.&lt;br /&gt;
&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
'''SFTP'''&lt;br /&gt;
When transferring files to or from a remote server it is integral to security to use an SFTP client. This stands for Secure File Transfer Protocol. In a similar manner to SSL it ensures that the communications to and from the server are not open to external individuals.&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
'''SSH'''&lt;br /&gt;
When connecting directly to a server, for example for command line access, it is imperative to use the Secure SHell (SSH) protocol. The telnet protocol provides no security at all and should be disabled. For further information see []&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;/ol&amp;gt;&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Access_Restrictions</id>
		<title>Access Restrictions</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Access_Restrictions"/>
				<updated>2014-05-18T16:28:34Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Restricting access to data based on roles, rights and responsibilities is an integral part of any security policy. This is equally true for secure hosting.&lt;br /&gt;
&lt;br /&gt;
In this circumstance, access should be clearly separated into roles at different levels. When hosting a web application, a separate user and password should be used for database access by the web application. The web application should never have root access to any other domain. In a similar way, real-world users should be divided into roles and categories, and none should be granted full root access.&lt;br /&gt;
&lt;br /&gt;
==Dedicated/VPS Hosting==&lt;br /&gt;
&lt;br /&gt;
'''Password Management''' is the core of any security strategy. For dedicated and VPS hosting options, there are several modes of control that administrators can apply.&lt;br /&gt;
&amp;lt;ol&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Enforce strong passwords - a strong password should contain upper and lower case characters, numbers and special characters and should be long (greater than 20 characters). It is also possible to prevent the reuse of previous passwords. On Linux systems the following line in the PAM password configuration can be used to enforce complex passwords for users:&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
 password required pam_cracklib.so minlen=12 lcredit=-1 ucredit=-1 dcredit=-2 ocredit=-1&lt;br /&gt;
&lt;br /&gt;
Here &amp;lt;tt&amp;gt;minlen&amp;lt;/tt&amp;gt; is the minimum length, and a credit value of &amp;lt;tt&amp;gt;-N&amp;lt;/tt&amp;gt; requires at least N characters of that class (lower case, upper case, digits, other characters). A positive credit value only adds a bonus to the counted length and does not force the class to be used. For more detail, refer to the guide [http://www.linux-faqs.info/security/force-strong-passwords Force strong passwords]&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Use password aging - the &amp;lt;tt&amp;gt;chage&amp;lt;/tt&amp;gt; command on Linux servers allows checking of password age by user and setting of password aging parameters [http://linoxide.com/linux-command/password-expire-chage-command/ link].&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Failed login attempts should result in the locking of the associated user account. On Linux systems, the &amp;lt;tt&amp;gt;faillog&amp;lt;/tt&amp;gt; command can be used to check failures and to set failure limits. For more details see [http://www.cyberciti.biz/tips/rhel-centos-fedora-linux-log-failed-login.html Faillog]&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Use password management software - a tool such as Keepass, or KeepassX for Linux and Mac, allows users to easily generate, store and manage complex, difficult-to-crack passwords. Refer to this guide for details on [https://securityinabox.org/en/keepass_main Keepass]&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;/ol&amp;gt;&lt;br /&gt;
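To see what the pam_cracklib credit values in the password policy above actually enforce, the following added example (not from the wiki page or the PAM project) models the module's length and credit arithmetic and runs a few constructed passwords through a policy with positive credits and one with negative credits.

```python
# Added example (not from the wiki page or PAM): a model of pam_cracklib's
# length/credit arithmetic, to show why positive credits in a line such as
#   password required pam_cracklib.so minlen=12 lcredit=1 ucredit=1 dcredit=2 ocredit=1
# do not force character classes, while negative credits do.
# Rules follow pam_cracklib(8): a credit N >= 0 adds up to N bonus points to the
# counted length for using that class; a credit of -N requires at least N
# characters of that class and adds nothing. Dictionary checks are omitted.

CLASSES = {
    "lcredit": ("lower-case", str.islower),
    "ucredit": ("upper-case", str.isupper),
    "dcredit": ("digit", str.isdigit),
    "ocredit": ("other", lambda c: not c.isalnum()),
}


def cracklib_check(password, minlen=12, lcredit=1, ucredit=1, dcredit=2, ocredit=1):
    """Return (accepted, effective_length, reason) the way pam_cracklib decides."""
    credits = {"lcredit": lcredit, "ucredit": ucredit, "dcredit": dcredit, "ocredit": ocredit}
    counts = {name: sum(1 for c in password if test(c)) for name, (_, test) in CLASSES.items()}
    # 1. negative credits are hard requirements on the class count
    for name, credit in credits.items():
        if credit >= 0:
            continue
        if counts[name] >= -credit:
            continue
        return (False, len(password),
                "needs at least %d %s characters" % (-credit, CLASSES[name][0]))
    # 2. positive credits only add bonus length, capped at the credit value
    effective = len(password) + sum(min(counts[n], c) for n, c in credits.items() if c >= 0)
    if effective >= minlen:
        return (True, effective, "ok")
    return (False, effective, "effective length %d is below minlen %d" % (effective, minlen))


# The widely copied positive form, and the same settings with the credits negated
LENIENT = dict(minlen=12, lcredit=1, ucredit=1, dcredit=2, ocredit=1)
STRICT = dict(minlen=12, lcredit=-1, ucredit=-1, dcredit=-2, ocredit=-1)


def compare(password):
    """Accepted or not under both policies, for a side-by-side view."""
    return {"lenient": cracklib_check(password, **LENIENT)[0],
            "strict": cracklib_check(password, **STRICT)[0]}


if __name__ == "__main__":
    # constructed test passwords: 11 lower-case letters passes the lenient policy
    for pw in ("abcdefghijk", "Ab1!", "Sunrise-2024-ok"):
        print(pw, cracklib_check(pw, **LENIENT), cracklib_check(pw, **STRICT))
```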
'''User Management''' on Dedicated or VPS systems allows administrators fine-grained control of user login and access permissions.&lt;br /&gt;
&amp;lt;ol&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Root user login should be disabled by default&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Secure Shell (SSH) login should be enforced; telnet and FTP login access should be disabled by default. To upload files to the server securely, users can use Secure FTP (SFTP) clients. &lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
Private keys should be used for SSH login access. The following guide gives details on generating and setting up public/private keys for SSH login: [http://support.suso.com/supki/SSH_Tutorial_for_Linux SSH tutorial]&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
File permissions should be restricted for critical files. Users should only be allowed access to files relevant to their work. Execution as root should be restricted. Discussion of [http://www.linux.com/learn/tutorials/309527-understanding-linux-file-permissions Linux file permissions].&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;/ol&amp;gt;&lt;br /&gt;
&lt;br /&gt;
==Shared Hosting==&lt;br /&gt;
&amp;lt;ol&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;'''Password Management'''&lt;br /&gt;
For shared hosting, password management is a core defence against attack. The administrator password should fit the criteria above for a strong password: long, with a variety of character types, and containing no dictionary words.&lt;br /&gt;
&lt;br /&gt;
As above, [https://securityinabox.org/en/keepass_main Keepass] can be used to generate and store a complex admin password. This has the secondary advantage of limiting access to the admin password to those who are trusted with the Keepass store.&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
'''Restrict IP addresses'''&lt;br /&gt;
&lt;br /&gt;
Depending on what version of CPanel your provider offers, it is possible to lock down access via the [http://docs.cpanel.net/twiki/bin/view/AllDocumentation/WHMDocs/DenyAccess Host Access Control] option. This allows you to limit access to very specific IP addresses.&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;li&amp;gt;&lt;br /&gt;
'''User management'''&lt;br /&gt;
User accounts on a Shared Hosting system should be restricted to those whose core responsibility is updating or maintaining the organisation's site.&lt;br /&gt;
Access information should, however, also be stored by the organisation as part of its regular backups, in case the responsible party leaves the organisation.&lt;br /&gt;
&amp;lt;/li&amp;gt;&lt;br /&gt;
&amp;lt;/ol&amp;gt;&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Data_Backup</id>
		<title>Data Backup</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Data_Backup"/>
				<updated>2014-05-18T16:28:24Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;==Data Backup==&lt;br /&gt;
&lt;br /&gt;
Backup is a core part of any digital security or hosting strategy. One of the most common causes of data loss, above hacking or malicious attack, remains accidental loss or loss through uncontrollable situations such as hardware or software failure.&lt;br /&gt;
&lt;br /&gt;
Many hosting providers will provide backup mechanisms as part of a package, but this should be confirmed. It will often incur an additional cost and should be considered as an aspect of the provider's reputation.&lt;br /&gt;
&lt;br /&gt;
'''Basic/Shared Hosting'''&lt;br /&gt;
&lt;br /&gt;
In this scenario access to the server is restricted to Secure FTP (SFTP) and web interfaces such as CPanel.&lt;br /&gt;
&lt;br /&gt;
*Backups of all site content and data should be taken on a regularly scheduled basis. It may be impossible to automate these backups depending on the web interface used, so calendar reminders etc. should be set to ensure that staff are aware of the need to make a backup copy. &lt;br /&gt;
*This data should be treated appropriately and stored either on a local backup disk in an encrypted volume or on a separate server also using an encrypted disk.&lt;br /&gt;
&lt;br /&gt;
'''Dedicated/VPS Hosting'''&lt;br /&gt;
&lt;br /&gt;
There are a number of tools available for scheduled secure backup of site content and data where the user has access to the server directly.&lt;br /&gt;
&lt;br /&gt;
These include Rsync, Bacula and [https://labs.riseup.net/code/projects/backupninja BackupNinja]. For this guide we recommend Backup Ninja in combination with Duplicity, as this allows for incremental backups which are encrypted using GPG. This means that if the server that the data is being backed up to is compromised, the backed up information is still encrypted. However, it also means that the GPG key used to encrypt the data must be stored both on the server being backed up and offsite, so that backups can still be retrieved if the server itself is lost. Additionally, Duplicity allows for differential backups, meaning that only changed data is transferred, reducing the time and footprint of each backup. &lt;br /&gt;
&lt;br /&gt;
===Example configs===&lt;br /&gt;
&lt;br /&gt;
==Data Recovery==&lt;br /&gt;
&lt;br /&gt;
When using Backup Ninja and Duplicity, restoring encrypted backups from a remote source is as simple as running:&lt;br /&gt;
 &lt;br /&gt;
 duplicity restore \&lt;br /&gt;
 --scp-command 'scp -o IdentityFile=/home/phaidros/.ssh/id_rsa_duplicity' \&lt;br /&gt;
 --sftp-command 'sftp -o IdentityFile=/home/phaidros/.ssh/id_rsa_duplicity' \&lt;br /&gt;
 --file-to-restore path/to/folder scp://user@host.mybackup.de/path/to/backup/ \&lt;br /&gt;
 localfolderforrestoredfile&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Data_Backup</id>
		<title>Data Backup</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Data_Backup"/>
				<updated>2014-05-17T16:53:42Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: /* Data Backup */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;==Data Backup==&lt;br /&gt;
&lt;br /&gt;
Backup is a core part of any digital security or hosting strategy. One of the most common causes of data loss, above hacking or malicious attack, remains accidental loss or loss through uncontrollable situations such as hardware or software failure.&lt;br /&gt;
&lt;br /&gt;
Many hosting providers will provide backup mechanisms as part of a package, but this should be confirmed. It will often incur an additional cost and should be considered as an aspect of the provider's reputation.&lt;br /&gt;
&lt;br /&gt;
'''Basic/Shared Hosting'''&lt;br /&gt;
&lt;br /&gt;
In this scenario access to the server is restricted to Secure FTP (SFTP) and web interfaces such as CPanel.&lt;br /&gt;
&lt;br /&gt;
*Backups of all site content and data should be taken on a regularly scheduled basis. &lt;br /&gt;
*This data should be treated appropriately and stored either on a local backup disk in an encrypted volume or on a separate server also using an encrypted disk.&lt;br /&gt;
&lt;br /&gt;
'''Dedicated/VPS Hosting'''&lt;br /&gt;
&lt;br /&gt;
There are a number of tools available for scheduled secure backup of site content and data where the user has access to the server directly.&lt;br /&gt;
&lt;br /&gt;
These include Rsync, Bacula and [https://labs.riseup.net/code/projects/backupninja BackupNinja]. For this guide we recommend Backup Ninja in combination with Duplicity, as this allows for incremental backups which are encrypted using GPG. This means that if the server that the data is being backed up to is compromised, the backed up information is still encrypted. However, it also means that the GPG key used to encrypt the data must be stored both on the server being backed up and offsite, so that backups can still be retrieved if the server itself is lost. Additionally, Duplicity allows for differential backups, meaning that only changed data is transferred, reducing the time and footprint of each backup. &lt;br /&gt;
&lt;br /&gt;
===Example configs===&lt;br /&gt;
&lt;br /&gt;
==Data Recovery==&lt;br /&gt;
&lt;br /&gt;
When using Backup Ninja and Duplicity, restoring encrypted backups from a remote source is as simple as running:&lt;br /&gt;
 &lt;br /&gt;
 duplicity restore \&lt;br /&gt;
 --scp-command 'scp -o IdentityFile=/home/phaidros/.ssh/id_rsa_duplicity' \&lt;br /&gt;
 --sftp-command 'sftp -o IdentityFile=/home/phaidros/.ssh/id_rsa_duplicity' \&lt;br /&gt;
 --file-to-restore path/to/folder scp://user@host.mybackup.de/path/to/backup/ \&lt;br /&gt;
 localfolderforrestoredfile&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Data_Backup</id>
		<title>Data Backup</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Data_Backup"/>
				<updated>2014-05-17T16:51:11Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;==Data Backup==&lt;br /&gt;
&lt;br /&gt;
Backup is a core part of any digital security or hosting strategy. One of the most common causes of data loss, above hacking or malicious attack, remains accidental loss or loss through uncontrollable situations such as hardware or software failure.&lt;br /&gt;
&lt;br /&gt;
Many hosting providers will provide backup mechanisms as part of a package, but this should be confirmed. It will often incur an additional cost and should be considered as an aspect of the provider's reputation.&lt;br /&gt;
&lt;br /&gt;
'''Basic/Shared Hosting'''&lt;br /&gt;
&lt;br /&gt;
In this scenario access to the server is restricted to Secure FTP (SFTP) and web interfaces such as CPanel.&lt;br /&gt;
&lt;br /&gt;
*Backups of all site content and data should be taken on a regularly scheduled basis. &lt;br /&gt;
*This data should be treated appropriately and stored either on a local backup disk in an encrypted volume or on a separate server also using an encrypted disk.&lt;br /&gt;
&lt;br /&gt;
'''Dedicated/VPS Hosting'''&lt;br /&gt;
&lt;br /&gt;
There are a number of tools available for scheduled secure backup of site content and data where the user has access to the server directly.&lt;br /&gt;
&lt;br /&gt;
These include Rsync, Bacula and [https://labs.riseup.net/code/projects/backupninja Backup Ninja]. For this guide we recommend Backup Ninja as it allows incremental backups encrypted using GPG. Additionally, it allows for differential backups, meaning that only changed data is transferred, reducing the time and footprint of each backup.&lt;br /&gt;
&lt;br /&gt;
===Example configs===&lt;br /&gt;
==Data Recovery==&lt;br /&gt;
&lt;br /&gt;
When using Backup Ninja and Duplicity, restoring encrypted backups from a remote source is as simple as running:&lt;br /&gt;
 &lt;br /&gt;
 duplicity restore \&lt;br /&gt;
 --scp-command 'scp -o IdentityFile=/home/phaidros/.ssh/id_rsa_duplicity' \&lt;br /&gt;
 --sftp-command 'sftp -o IdentityFile=/home/phaidros/.ssh/id_rsa_duplicity' \&lt;br /&gt;
 --file-to-restore path/to/folder scp://user@host.mybackup.de/path/to/backup/ \&lt;br /&gt;
 localfolderforrestoredfile&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Brute_Force_DDOS</id>
		<title>Brute Force DDOS</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Brute_Force_DDOS"/>
				<updated>2014-05-17T16:42:28Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: /* Shared Hosting */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;As well as hacking attacks on servers and infrastructure, a common approach to blocking users' access to content is to perform a Distributed Denial of Service (DDoS) attack. This is a very effective tactic if the attacker has access to either their own botnet infrastructure or the financial resources to pay for such an attack.&lt;br /&gt;
&lt;br /&gt;
As DDoS attacks become more common the price of such attacks has dramatically plummeted with many individuals offering such attacks for as little as $10/day - depending on the target. &lt;br /&gt;
&lt;br /&gt;
There are a number of mechanisms and tools available for DDoS mitigation depending on the type of hosting.&lt;br /&gt;
&lt;br /&gt;
==Shared Hosting==&lt;br /&gt;
&lt;br /&gt;
In this scenario, unless the provider offers DDoS mitigation services, it is best to seek the aid of an external group. Several groups provide free online services that offer complete DDoS protection for NGO, journalist, activist or civil society websites. The following groups provide completely free services.&lt;br /&gt;
&lt;br /&gt;
'''Deflect.ca'''&lt;br /&gt;
Is a free (and will always be free) open source, non-commercial system made for activists by activists. Signing up a site is straightforward: simply visit [https://deflect.ca Deflect].&lt;br /&gt;
&lt;br /&gt;
Deflect is sensitive to the special requirements of its users and can upon request securely destroy all logs. &lt;br /&gt;
&lt;br /&gt;
'''CloudFlare'''&lt;br /&gt;
This is a commercial system which also provides free services for civil society websites. As the service is commercial, users are subject to its terms and conditions. It is a large, successful provider with many commercial clients. It is in its best interest to provide a strong service, but free clients may not receive the same level of support as those who pay.&lt;br /&gt;
&lt;br /&gt;
'''Project Shield'''&lt;br /&gt;
Is Google's offering in the DDoS mitigation space. Again it is backed by a large corporation with a great deal of resources at their disposal. For civil society websites its service is free. Project Shield is currently invite-only.&lt;br /&gt;
&lt;br /&gt;
==Dedicated/VPS Hosting==&lt;br /&gt;
&lt;br /&gt;
As above, all websites can benefit from the special services of the above groups if they qualify for free protection. This is by far the simplest approach and places the workload with experienced professionals.&lt;br /&gt;
&lt;br /&gt;
If, however, the user wishes to set up their own anti-DDoS system there are a number of open source tools that can help.&lt;br /&gt;
&lt;br /&gt;
'''BotnetDBP'''&lt;br /&gt;
Is a suite of tools that evolved from the original fail2ban to offer a range of functionality. The core element is a fast banning system, Banjax/Swabber, which is plugged into the Apache Traffic Server (ATS) proxy system. A machine learning tool, learn2ban, is capable of identifying malicious botnet requesters based on pre-built models of attacks. Finally, Challenger offers the ability to respond to botnet, or suspected botnet, requests with either a JavaScript challenge or a captcha page to determine the legitimacy of the request.&lt;br /&gt;
&lt;br /&gt;
More information can be found [https://wiki.deflect.ca/wiki/BotnetDBP here]&lt;br /&gt;
&lt;br /&gt;
'''Open Source Deflect'''&lt;br /&gt;
&lt;br /&gt;
Deflect itself can be deployed by individuals or groups to create their very own Deflect network. All that is required is to follow the [https://wiki.deflect.ca/wiki/Deflect_DIY Deflect DIY] guide.&lt;br /&gt;
&lt;br /&gt;
'''Fail2ban'''&lt;br /&gt;
Is a regex-based banning tool that is extremely effective against DoS and brute force attacks. It is used in conjunction with iptables to ban sources of malicious requests that match its defined regular expressions. It can be found [http://www.fail2ban.org/wiki/index.php/Main_Page here]. fail2ban's default configuration enables it to block attackers attempting to brute force username and password combinations against the SSH service. If a server's SSH port is exposed to the open internet, then it is strongly advised that fail2ban or a similar tool be installed. &lt;br /&gt;
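The counting rule fail2ban applies (a source that matches a filter regex maxretry times within findtime seconds gets banned) is shown below as an added example, not code from the wiki page or from the fail2ban project. It runs two filters, one for sshd failures and one for POSTs to a web login page, over constructed log lines; the regexes, thresholds and IP addresses are all assumptions for illustration.

```python
# Added example (not from the wiki page or fail2ban): fail2ban's findtime /
# maxretry logic in plain Python, run over constructed log lines.
import re
from collections import defaultdict, deque
from datetime import datetime

# filter name: (regex, ip group, timestamp group, strptime format)
FILTERS = {
    # syslog-style auth.log line written by OpenSSH (no year in the timestamp)
    "sshd": (re.compile(r"^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
                        r"Failed password for .+ from ([0-9.]+) port \d+"),
             2, 1, "%b %d %H:%M:%S"),
    # Apache combined log, POST to a login page (hypothetical paths)
    "web-login": (re.compile(r'^([0-9.]+) \S+ \S+ \[([^\]]+)\] '
                             r'"POST /(?:wp-login\.php|admin/login) '),
                  1, 2, "%d/%b/%Y:%H:%M:%S %z"),
}

# Constructed sample logs. 203.0.113.9 hammers sshd, 198.51.100.7 fails once.
SAMPLE_AUTH_LOG = [
    "May 17 16:42:01 web1 sshd[2231]: Failed password for invalid user admin from 203.0.113.9 port 51122 ssh2",
    "May 17 16:42:02 web1 sshd[2233]: Failed password for root from 203.0.113.9 port 51124 ssh2",
    "May 17 16:42:03 web1 sshd[2235]: Failed password for root from 203.0.113.9 port 51126 ssh2",
    "May 17 16:42:04 web1 sshd[2237]: Failed password for invalid user test from 203.0.113.9 port 51130 ssh2",
    "May 17 16:42:05 web1 sshd[2239]: Failed password for root from 203.0.113.9 port 51132 ssh2",
    "May 17 16:42:06 web1 sshd[2241]: Accepted publickey for hugh from 198.51.100.7 port 40022 ssh2",
    "May 17 16:45:00 web1 sshd[2250]: Failed password for root from 198.51.100.7 port 40030 ssh2",
]
# Three POSTs in nine seconds from one address; three POSTs spread over 40 minutes
# from another (outside a 600 s findtime), plus a GET that the filter ignores.
SAMPLE_ACCESS_LOG = [
    '203.0.113.9 - - [17/May/2014:16:50:00 +0000] "POST /wp-login.php HTTP/1.1" 200 3021 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [17/May/2014:16:50:00 +0000] "POST /wp-login.php HTTP/1.1" 200 3021 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [17/May/2014:16:50:05 +0000] "POST /wp-login.php HTTP/1.1" 200 3021 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [17/May/2014:16:50:09 +0000] "POST /wp-login.php HTTP/1.1" 200 3021 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [17/May/2014:17:10:00 +0000] "POST /wp-login.php HTTP/1.1" 200 3021 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [17/May/2014:17:30:00 +0000] "GET /wp-login.php HTTP/1.1" 200 3021 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [17/May/2014:17:30:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3021 "-" "Mozilla/5.0"',
]


def find_offenders(lines, filter_name, maxretry=5, findtime=600):
    """Return {ip: time at which the maxretry-th failure inside findtime occurred}."""
    regex, ip_group, ts_group, fmt = FILTERS[filter_name]
    windows = defaultdict(deque)      # per-IP timestamps of recent matches
    offenders = {}
    for line in lines:
        m = regex.match(line)
        if m is None:
            continue
        ip = m.group(ip_group)
        ts = datetime.strptime(m.group(ts_group), fmt)
        q = windows[ip]
        q.append(ts)
        # forget matches older than findtime seconds relative to this one
        while q and (ts - q[0]).total_seconds() > findtime:
            q.popleft()
        if len(q) >= maxretry and ip not in offenders:
            offenders[ip] = ts
    return offenders


def ban_commands(offenders, chain="INPUT"):
    """The iptables rules fail2ban would insert for each offending source."""
    return ["iptables -I %s -s %s -j DROP" % (chain, ip) for ip in sorted(offenders)]


if __name__ == "__main__":
    print(find_offenders(SAMPLE_AUTH_LOG, "sshd"))
    print(ban_commands(find_offenders(SAMPLE_ACCESS_LOG, "web-login", maxretry=3)))
```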
&lt;br /&gt;
Against brute force password attacks fail2ban is an extremely useful tool. It can be set to ban IP addresses that repeatedly attempt to access certain website pages, such as the login or admin pages.&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Brute_Force_DDOS</id>
		<title>Brute Force DDOS</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Brute_Force_DDOS"/>
				<updated>2014-05-17T16:42:05Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: /* Dedicated/VPS Hosting */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;As well as hacking attacks on servers and infrastructure, a common approach to blocking users' access to content is to perform a Distributed Denial of Service (DDoS) attack. This is a very effective tactic if the attacker has access to either their own botnet infrastructure or the financial resources to pay for such an attack.&lt;br /&gt;
&lt;br /&gt;
As DDoS attacks have become more common the price of such attacks has plummeted, with many individuals offering them for as little as $10/day, depending on the target. &lt;br /&gt;
&lt;br /&gt;
There are a number of mechanisms and tools available for DDoS mitigation depending on the type of hosting.&lt;br /&gt;
&lt;br /&gt;
==Shared Hosting==&lt;br /&gt;
&lt;br /&gt;
In this scenario, unless the provider offers DDoS mitigation services, it is best to seek the aid of an external group. Several groups provide free online services that offer DDoS protection for NGO, journalist, activist or civil society websites. The following groups provide completely free services.&lt;br /&gt;
&lt;br /&gt;
'''Deflect.ca'''&lt;br /&gt;
Is a free (and will always be free) open source non-commercial system made for activists by activists. Signing up a site is straightforward: simply visit [https://deflect.ca Deflect].&lt;br /&gt;
&lt;br /&gt;
Deflect is sensitive to the special requirements of its users and can upon request securely destroy all logs. &lt;br /&gt;
&lt;br /&gt;
'''CloudFlare'''&lt;br /&gt;
This is a commercial system which also provides free services for civil society websites. As the service is commercial, users are subject to its terms and conditions. It is a large, successful provider with many commercial clients. It is in its best interest to provide a strong service, but free clients may not receive the same level of support as those who pay.&lt;br /&gt;
&lt;br /&gt;
'''Project Shield'''&lt;br /&gt;
Is Google's offering in the DDoS mitigation space. Again it is backed by a large corporation with a great deal of resources at their disposal. For civil society websites its service is free.&lt;br /&gt;
&lt;br /&gt;
==Dedicated/VPS Hosting==&lt;br /&gt;
&lt;br /&gt;
As above, all websites can benefit from the services of the above groups if they qualify for free protection. This is by far the simplest approach and places the workload with experienced professionals.&lt;br /&gt;
&lt;br /&gt;
If, however, the user wishes to set up their own anti-DDoS system there are a number of open source tools that can help.&lt;br /&gt;
&lt;br /&gt;
'''BotnetDBP'''&lt;br /&gt;
Is a suite of tools that grew out of the original fail2ban to offer a wider range of functionality. The core elements are a fast banning system, Banjax/Swabber, which plugs into the Apache Traffic Server (ATS) proxy; a machine learning tool, learn2ban, which identifies malicious botnet requesters based on pre-built models of attacks; and finally Challenger, which responds to botnet, or suspected botnet, requests with either a JavaScript challenge or a CAPTCHA page to determine the legitimacy of the request.&lt;br /&gt;
&lt;br /&gt;
More information can be found [https://wiki.deflect.ca/wiki/BotnetDBP here].&lt;br /&gt;
&lt;br /&gt;
'''Open Source Deflect'''&lt;br /&gt;
&lt;br /&gt;
Deflect itself can be deployed by individuals or groups to create their very own Deflect network. All that is required is to follow the [https://wiki.deflect.ca/wiki/Deflect_DIY Deflect DIY] guide.&lt;br /&gt;
&lt;br /&gt;
'''Fail2ban'''&lt;br /&gt;
Is a regex-based banning tool that is very effective against brute-force attacks and against DoS traffic coming from a small number of addresses. It scans log files for lines matching its configured regular expressions and, in conjunction with iptables, bans the source IP addresses of the matching requests. It can be found [http://www.fail2ban.org/wiki/index.php/Main_Page here]. fail2ban's default configuration blocks attackers attempting to brute force username and password combinations against the SSH service. If a server's SSH port is exposed to the open internet, it is strongly advised that fail2ban or a similar tool be installed. &lt;br /&gt;
&lt;br /&gt;
Against brute-force password attacks fail2ban is an extremely useful tool. It can be set to ban IP addresses that repeatedly attempt to access certain website pages, such as the login or admin pages.&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Brute_Force_DDOS</id>
		<title>Brute Force DDOS</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Brute_Force_DDOS"/>
				<updated>2014-05-17T16:38:46Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: /* Shared Hosting */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;As well as hacking attacks on servers and infrastructure, a common approach to blocking users' access to content is to perform a Distributed Denial of Service (DDoS) attack. This is a very effective tactic if the attacker has access to either their own botnet infrastructure or the financial resources to pay for such an attack.&lt;br /&gt;
&lt;br /&gt;
As DDoS attacks have become more common the price of such attacks has plummeted, with many individuals offering them for as little as $10/day, depending on the target. &lt;br /&gt;
&lt;br /&gt;
There are a number of mechanisms and tools available for DDoS mitigation depending on the type of hosting.&lt;br /&gt;
&lt;br /&gt;
==Shared Hosting==&lt;br /&gt;
&lt;br /&gt;
In this scenario, unless the provider offers DDoS mitigation services, it is best to seek the aid of an external group. Several groups provide free online services that offer DDoS protection for NGO, journalist, activist or civil society websites. The following groups provide completely free services.&lt;br /&gt;
&lt;br /&gt;
'''Deflect.ca'''&lt;br /&gt;
Is a free (and will always be free) open source non-commercial system made for activists by activists. Signing up a site is straightforward: simply visit [https://deflect.ca Deflect].&lt;br /&gt;
&lt;br /&gt;
Deflect is sensitive to the special requirements of its users and can upon request securely destroy all logs. &lt;br /&gt;
&lt;br /&gt;
'''CloudFlare'''&lt;br /&gt;
This is a commercial system which also provides free services for civil society websites. As the service is commercial, users are subject to its terms and conditions. It is a large, successful provider with many commercial clients. It is in its best interest to provide a strong service, but free clients may not receive the same level of support as those who pay.&lt;br /&gt;
&lt;br /&gt;
'''Project Shield'''&lt;br /&gt;
Is Google's offering in the DDoS mitigation space. Again it is backed by a large corporation with a great deal of resources at their disposal. For civil society websites its service is free.&lt;br /&gt;
&lt;br /&gt;
==Dedicated/VPS Hosting==&lt;br /&gt;
&lt;br /&gt;
As above, all websites can benefit from the services of the above groups if they qualify for free protection. This is by far the simplest approach and places the workload with experienced professionals.&lt;br /&gt;
&lt;br /&gt;
If, however, the user wishes to set up their own anti-DDoS system there are a number of open source tools that can help.&lt;br /&gt;
&lt;br /&gt;
'''BotnetDBP'''&lt;br /&gt;
Is a suite of tools that grew out of the original fail2ban to offer a wider range of functionality. The core elements are a fast banning system, Banjax/Swabber, which plugs into the Apache Traffic Server (ATS) proxy; a machine learning tool, learn2ban, which identifies malicious botnet requesters based on pre-built models of attacks; and finally Challenger, which responds to botnet, or suspected botnet, requests with either a JavaScript challenge or a CAPTCHA page to determine the legitimacy of the request.&lt;br /&gt;
&lt;br /&gt;
More information can be found [https://wiki.deflect.ca/wiki/BotnetDBP here].&lt;br /&gt;
&lt;br /&gt;
'''Open Source Deflect'''&lt;br /&gt;
&lt;br /&gt;
Deflect itself can be deployed by individuals or groups to create their very own Deflect network. All that is required is to follow the [https://wiki.deflect.ca/wiki/Deflect_DIY Deflect DIY] guide.&lt;br /&gt;
&lt;br /&gt;
'''Fail2ban'''&lt;br /&gt;
Is a regex-based banning tool that is very effective against brute-force attacks and against DoS traffic coming from a small number of addresses. It is used in conjunction with iptables to ban the source addresses of requests that match its defined regular expressions. It can be found [http://www.fail2ban.org/wiki/index.php/Main_Page here]. &lt;br /&gt;
&lt;br /&gt;
Against brute-force password attacks fail2ban is an extremely useful tool. It can be set to ban IP addresses that repeatedly attempt to access certain website pages, such as the login or admin pages.&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Website</id>
		<title>Website</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Website"/>
				<updated>2014-05-17T16:37:45Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;==Definition==&lt;br /&gt;
A website could be an organisation's main information portal, where it can publish material about itself, its work and projects, and the articles or reports it has produced. It can also take the simpler form of a standalone blog where content is shared with the intended audience, or may be a forum or wiki where user-generated content is published and shared. &lt;br /&gt;
&lt;br /&gt;
An organisation usually depends entirely on its main website as its presence on the Internet and expects it to function at all times.&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;toccolours mw-collapsible mw-collapsed&amp;quot; style=&amp;quot;width:800px&amp;quot;&amp;gt;&lt;br /&gt;
==High Technical==&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
===DIY CMS===&lt;br /&gt;
There are numerous well developed and continually maintained content management systems that you can install and configure from scratch. They differ in application and intended purpose, but the majority rely on a [http://en.wikipedia.org/wiki/LAMP_(software_bundle) LAMP] or [http://en.wikipedia.org/wiki/WAMP#Variants_and_equivalents_on_other_platforms WAMP] backend. Each CMS has its own particular requirements for web server, database server and PHP configuration, as well as its own security considerations. &lt;br /&gt;
&lt;br /&gt;
'''Benefits'''&lt;br /&gt;
*Total control of the CMS software, plug-ins, themes and preferred configuration&lt;br /&gt;
*Fine-grained access control and modification of CMS features&lt;br /&gt;
&lt;br /&gt;
'''Downsides'''&lt;br /&gt;
*A whole software ecosystem to learn with every new CMS&lt;br /&gt;
*Responsibility for software updates and malware protection&lt;br /&gt;
*Responsibility for data security &lt;br /&gt;
&lt;br /&gt;
'''Examples'''&lt;br /&gt;
* [http://codex.wordpress.org/Installing_WordPress WordPress] self-hosted installation&lt;br /&gt;
* [https://civicrm.org/ CiviCRM] is an open source CRM environment intended for civil society use.&lt;br /&gt;
* [https://www.djangoproject.com/ Custom Django app], which allows content-rich, highly functional websites to be created quickly. Django's security features are well [https://docs.djangoproject.com/en/dev/topics/security/ documented] and well integrated. Development of a Django app will require developer time and potentially also some design work.&lt;br /&gt;
* [https://drupal.org/ Custom Drupal site], again a ready-made configurable solution with well-developed security integration, though as with the other solutions security relies on a holistic approach including server-side security.&lt;br /&gt;
'''Hosting Requirements'''&lt;br /&gt;
*[[Choose_a_hosting_provider#High_Technical]]&lt;br /&gt;
&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;toccolours mw-collapsible mw-collapsed&amp;quot; style=&amp;quot;width:800px&amp;quot;&amp;gt;&lt;br /&gt;
&lt;br /&gt;
==Intermediary Technical==&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
===Hosted CMS===&lt;br /&gt;
&lt;br /&gt;
'''Benefits'''&lt;br /&gt;
* Depending on the hosting package, support and updates will be handled by the provider, reducing the need for technical knowledge&lt;br /&gt;
* Straightforward and fast to set up&lt;br /&gt;
* Greater usability for low tech users&lt;br /&gt;
&lt;br /&gt;
'''Downsides'''&lt;br /&gt;
* Subject to the provider's terms and conditions: controversial information, or information that draws large-scale attacks such as DDoS, may cause the provider to rescind service.&lt;br /&gt;
* No control of hardware systems&lt;br /&gt;
* Reliant on provider for software security updates to be applied&lt;br /&gt;
* Limited control over the jurisdiction or geographic area in which the site is hosted.&lt;br /&gt;
* Reliance on the provider's support, which may not be available in the local language&lt;br /&gt;
&lt;br /&gt;
'''Examples'''&lt;br /&gt;
*&lt;br /&gt;
*&lt;br /&gt;
*&lt;br /&gt;
'''Hosting Requirements'''&lt;br /&gt;
*[[Choose_a_hosting_provider#High_Technical]]&lt;br /&gt;
*[[Choose_a_hosting_provider#Intermediary_Technical]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;toccolours mw-collapsible mw-collapsed&amp;quot; style=&amp;quot;width:800px&amp;quot;&amp;gt;&lt;br /&gt;
&lt;br /&gt;
==Basic Technical==&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
&lt;br /&gt;
===Hosted website===&lt;br /&gt;
For a basic setup providing a content distribution platform such as a blog, users have the option of using existing free services such as WordPress.com, Journoportfolio or similar.&lt;br /&gt;
&lt;br /&gt;
Care should be taken when considering a free service that offers a hosted CMS. Some free hosted CMS providers will not offer a good experience, as sites that are problematic or troublesome may be taken offline without notice and with no recourse, since the provider is under no obligation to serve the user. &lt;br /&gt;
&lt;br /&gt;
'''Benefits'''&lt;br /&gt;
* No technical barrier to entry&lt;br /&gt;
* Support provided by a commercial company with an interest in protecting its reputation, both in terms of uptime and in terms of avoiding security breaches&lt;br /&gt;
* Greater likelihood of support in the local language, at least in terms of documentation&lt;br /&gt;
&lt;br /&gt;
'''Downsides'''&lt;br /&gt;
* Lack of control of any systems underlying website&lt;br /&gt;
* Reliance on provider for support&lt;br /&gt;
* Subject to the provider's terms and conditions, which may restrict publications&lt;br /&gt;
&lt;br /&gt;
'''Examples'''&lt;br /&gt;
* [http://wordpress.com/ WordPress.com]&lt;br /&gt;
* [http://wpengine.com/ WPEngine]&lt;br /&gt;
* [http://tumblr.com Tumblr]&lt;br /&gt;
'''Hosting Requirements'''&lt;br /&gt;
&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;toccolours mw-collapsible mw-collapsed&amp;quot; style=&amp;quot;width:800px&amp;quot;&amp;gt;&lt;br /&gt;
&lt;br /&gt;
==Comparison Matrix==&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;div class=&amp;quot;mw-collapsible-content&amp;quot;&amp;gt;&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; width=&amp;quot;60%&amp;quot;&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| '''DIY CMS'''&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| '''Hosted CMS'''&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| '''Hosted Website'''&lt;br /&gt;
|-&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| High technical skill&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Intermediary technical skill&lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| Basic&lt;br /&gt;
|-&lt;br /&gt;
| style=&amp;quot;padding: 10px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| &lt;br /&gt;
| style=&amp;quot;padding: 5px;&amp;quot;| &lt;br /&gt;
|-&lt;br /&gt;
&lt;br /&gt;
|}&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&amp;lt;/div&amp;gt;&lt;br /&gt;
&lt;br /&gt;
[[Secure_hosting_guide|Back to front page]]&lt;br /&gt;
[[Category: Secure Hosting ]]&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	<entry>
		<id>https://learn.equalit.ie/wiki/Secure_hosting_guide</id>
		<title>Secure hosting guide</title>
		<link rel="alternate" type="text/html" href="https://learn.equalit.ie/wiki/Secure_hosting_guide"/>
				<updated>2014-05-17T16:34:46Z</updated>
		
		<summary type="html">&lt;p&gt;Hugh: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;__NOTOC__&lt;br /&gt;
&lt;br /&gt;
This document is the result of a collaborative project between [http://www.huridocs.org/ Huridocs] and [https://equalit.ie eQualit.ie]. &lt;br /&gt;
&lt;br /&gt;
==Useful References==&lt;br /&gt;
* [https://github.com/OpenInternet/MyWebsiteIsDown/blob/master/MyWebsiteIsDown.md What to do when your website goes down]&lt;br /&gt;
* [http://en.flossmanuals.net/wordpress/ Building a WordPress site] and then [http://moz.com/blog/the-definitive-guide-to-wordpress-security Guide to secure WordPress set-up]&lt;br /&gt;
* [http://en.flossmanuals.net/video-hosting-guide-t/index/ Independent video hosting]&lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
Hosting a website that can withstand malicious attacks and unauthorised access attempts is not an easy task. There are several approaches to mitigating digital threats and reducing your site's vulnerabilities. There is no one-size-fits-all solution, however, and the site's owners or administrators should plan for various contingencies well in advance, in light of their financial situation and technical expertise. This guide attempts to describe several scenarios and various approaches for secure hosting. &lt;br /&gt;
&lt;br /&gt;
==Step 1: Decide on your level of technical expertise==&lt;br /&gt;
Many of the choices made within this guide will depend on your level of technical expertise in server configuration and maintenance. You should evaluate your situation honestly and try not to exceed this level. We will use the following key to differentiate the difficulty associated with each type of activity. &lt;br /&gt;
&lt;br /&gt;
*'''High Technical''' - substantial experience of server administration; can confidently install and update server software (Apache, MySQL, a mail server) OR has access to a consultant with these skills. Do not attempt to learn as you go!&lt;br /&gt;
*'''Intermediate Technical''' - some experience of server administration; can install and manage web services software by following guides; can use SSH and a command-line interface&lt;br /&gt;
*'''Basic Technical''' - no experience with server management. Can use software management interfaces such as cPanel&lt;br /&gt;
&lt;br /&gt;
'''Required''' - basic knowledge of Internet infrastructure and addressing is required if you want to maintain anything on the Internet (Facebook, Twitter and other social networks excepted) that is to stand the test of time. Please read through [http://equalit.ie/esecman/appendix_b.html Appendix B - Internet explained] to get the basics and go on from there. You need to know a little about architecture before building your house.&lt;br /&gt;
&lt;br /&gt;
==Step 1: What are you planning to host?==&lt;br /&gt;
*[[Website]] - standalone website, blog, forum&lt;br /&gt;
&lt;br /&gt;
==Step 2: What are your hosting options==&lt;br /&gt;
Each category will include details of hosting options. For additional reference we include here the core hosting types and a methodology for choosing a hosting provider:&lt;br /&gt;
&lt;br /&gt;
*[[Choose a hosting provider]]&lt;br /&gt;
*[[Choose a name registrar]]&lt;br /&gt;
*[[Geography, lesgislation and terms of service|Geography, legislation and terms of service]]&lt;br /&gt;
&lt;br /&gt;
==Step 3: Plan for contingency and threat mitigation==&lt;br /&gt;
For each form of system use, the relevant threats and the strategies to mitigate them are included. These approaches are ordered in terms of technical ability requirements. The following topics are relevant to all setups:&lt;br /&gt;
&lt;br /&gt;
*[[Data_Backup|Data backup and recovery]]&lt;br /&gt;
*[[Access Restrictions]]&lt;br /&gt;
*[[Data Encryption]]&lt;br /&gt;
*[[Monitoring]]&lt;br /&gt;
*[[Secure connections]]&lt;br /&gt;
*[[Brute_Force_DDOS| Denial of Service and Brute Force attacks]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category: Secure Hosting]]&lt;/div&gt;</summary>
		<author><name>Hugh</name></author>	</entry>

	</feed>