(→Features) |
|||
| (One intermediate revision by the same user not shown) | |||
| Line 7: | Line 7: | ||
*Reputation - are they well known, have they had security breaches or reports of poor support, do they adhere to certain principles inline with that of your organisation - such as data privacy or protection of human rights defenders. | *Reputation - are they well known, have they had security breaches or reports of poor support, do they adhere to certain principles inline with that of your organisation - such as data privacy or protection of human rights defenders. | ||
*Specialisation - do they work in the field of human rights, software applications or general hosting | *Specialisation - do they work in the field of human rights, software applications or general hosting | ||
| − | *Is mail provided - for many organisation it is not an option to run their own mail server, however, is they do not wish to sue a free service such as [riseup.net Riseup] or [gmail.com gmail], or if they wish to have domain specific email - such as info@mywebsite.org - then it is worth considering services that provide free email accounts. | + | *Is mail provided - for many organisation it is not an option to run their own mail server, however, is they do not wish to sue a free service such as [https://riseup.net Riseup] or [https://gmail.com gmail], or if they wish to have domain specific email - such as info@mywebsite.org - then it is worth considering services that provide free email accounts. |
*Hardware specifications - does the server fits my needs? For most websites basic servers are enough but websites with high traffic can demand more stable or dedicated hardware. | *Hardware specifications - does the server fits my needs? For most websites basic servers are enough but websites with high traffic can demand more stable or dedicated hardware. | ||
*Operating systems offered - different operating systems provide different functionality and integration with other applications. They also have different degrees of vulnerability and support. | *Operating systems offered - different operating systems provide different functionality and integration with other applications. They also have different degrees of vulnerability and support. | ||
| Line 92: | Line 92: | ||
For more details see [[Access_Restrictions#Dedicated/VPS_HOSTING| see]] | For more details see [[Access_Restrictions#Dedicated/VPS_HOSTING| see]] | ||
| − | '''System and Software Management''' | + | '''System and Software Management''' is primarily concerned with ensuring that the physical system and its software is setup in the most mangeable, maintainable way and that attention is paid to keeping everything up to date to avoid potential vulnerabilities. |
For more details see [[System_Management| see]] | For more details see [[System_Management| see]] | ||
| − | '''Webserver Setup''' | + | '''Webserver Setup''' is an important consideration when hosting a website. There are a variety of steps that can be taken to lock down a webserver and to make sure that no vulnerabilities or accidental leaks occur. |
For more details [[Webserver_setup| see]] | For more details [[Webserver_setup| see]] | ||
| Line 109: | Line 109: | ||
===Hosted platform=== | ===Hosted platform=== | ||
For organisation that wish to setup their own custom site based on an existing platform such as Wordpress.com, there are a setup of steps that should be taken to ensure a good level of security. The [[Choosing_A_Host | choosing a hosting provider]] guide should also be consulted. | For organisation that wish to setup their own custom site based on an existing platform such as Wordpress.com, there are a setup of steps that should be taken to ensure a good level of security. The [[Choosing_A_Host | choosing a hosting provider]] guide should also be consulted. | ||
| + | |||
| + | '''Benefits''' | ||
| + | * Hardware is managed and maintained by the hosting provider | ||
| + | * There is no need to build custom software | ||
| + | * Using an install of an existing platform, such as Wordpress.com, means that software patching and bug fixing is handled by a dedicated group | ||
| + | * Once the solution is setup, secured and configured management is minimal | ||
| + | * The software platform will provide support for the core functionalities of managing a website such as user creation, content uploading and provide mechanisms for exporting/backup | ||
| + | |||
| + | '''Downsides''' | ||
| + | * The provider must be carefully chosen based on the information in this [https://pad.riseup.net/p/rh_ispq document] | ||
| + | * Software updates must be performed by the organisation | ||
| + | * Backup is the organisations responsibility | ||
| + | * No support is provided for configuring or managing the platform | ||
'''Platform Security''' | '''Platform Security''' | ||
| Line 114: | Line 127: | ||
<li> | <li> | ||
Limiting access - Making smart choices that reduce possible entry points available to a malicious person. | Limiting access - Making smart choices that reduce possible entry points available to a malicious person. | ||
| + | |||
| + | For more details see [[Access_Restrictions#Dedicated/VPS_HOSTING| see]] | ||
</li> | </li> | ||
<li>Containment - Your system should be configured to minimize the amount of damage that can be done in the event that it is compromised. | <li>Containment - Your system should be configured to minimize the amount of damage that can be done in the event that it is compromised. | ||
| Line 120: | Line 135: | ||
</li> | </li> | ||
<li> | <li> | ||
| − | + | Password management - the core component of any digital security strategy is control and management of passwords. | |
| + | |||
| + | For more details [[Access_Restrictions#Dedicated/VPS_Hosting| see]] | ||
</li> | </li> | ||
<li> | <li> | ||
| − | + | Software updates and system control - allows the user to lock down the system and restrict what applications are running. | |
| − | + | ||
| − | + | For more details see [[System_Management| see]] | |
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
</li> | </li> | ||
</ol> | </ol> | ||
| − | |||
===Shared Hosting=== | ===Shared Hosting=== | ||
| Line 147: | Line 153: | ||
* http://www.dreamhost.com/web-hosting/ | * http://www.dreamhost.com/web-hosting/ | ||
* http://wpengine.com/ (wordpress only) | * http://wpengine.com/ (wordpress only) | ||
| + | |||
| + | '''Benefits''' | ||
| + | * Host provided support for software and hardware | ||
| + | * Reduced technical needs for organisation | ||
| + | * Standardised software components | ||
| + | |||
| + | '''Downsides''' | ||
| + | * Heavily relies on the hosting providers technical and support abilities | ||
| + | * Danger that compromise to another unrelated site could compromise user's site. | ||
| + | * Your security is tied to that of others using the same system | ||
| + | * Limited or no control over security procedures - relies heavily on abilities of hosting provider | ||
===Threat Mitigation=== | ===Threat Mitigation=== | ||
| Line 158: | Line 175: | ||
For a basic setup providing a content distribution platform such as a blog users have the option of using existing free services such as Wordpress, Journoportfolio or similar. | For a basic setup providing a content distribution platform such as a blog users have the option of using existing free services such as Wordpress, Journoportfolio or similar. | ||
| + | '''Examples:''' | ||
| + | * [http://wordpress.com/ Wordpress] | ||
| + | * [https://www.tumblr.com/ Tumblr] | ||
| + | * [https://www.journoportfolio.com/ Journo Portfolio] | ||
| + | * [http://www.joomla.org/ Joomla] | ||
| + | |||
| + | '''Benefits''' | ||
| + | * Host provided support for software and hardware | ||
| + | * Very low technical needs for organisation | ||
| + | * Easy setup and quick start | ||
| + | |||
| + | '''Downsides''' | ||
| + | * Heavily relies on the hosting providers technical and support abilities | ||
| + | * No control over system software or hardware | ||
| + | * Limited security options | ||
===Threat Mitigation=== | ===Threat Mitigation=== | ||
Latest revision as of 19:06, 28 May 2014
Criteria
There are several aspects which should be considered when selecting a service host. Below is a general list, this document gives detailed information on each area. eQualit.ie has developed a review of existing providers based on experiences with our Deflect network.
- Price - for most groups the cost of the infrastructure will be a major determining factor. however, there are a large number of competitive offers and though this is an important factor it should be used as a boundary to decide what is available not as the sole reason to purchase a service.
- Reputation - are they well known, have they had security breaches or reports of poor support, do they adhere to certain principles inline with that of your organisation - such as data privacy or protection of human rights defenders.
- Specialisation - do they work in the field of human rights, software applications or general hosting
- Is mail provided - for many organisation it is not an option to run their own mail server, however, is they do not wish to sue a free service such as Riseup or gmail, or if they wish to have domain specific email - such as info@mywebsite.org - then it is worth considering services that provide free email accounts.
- Hardware specifications - does the server fits my needs? For most websites basic servers are enough but websites with high traffic can demand more stable or dedicated hardware.
- Operating systems offered - different operating systems provide different functionality and integration with other applications. They also have different degrees of vulnerability and support.
- Supported provided - this is an essential aspect when choosing a hosting company. It should also be considered in terms of language support, whether support is provided for software and/or hardware issues.
- Readily discusses your security concerns and which security features and processes they offer with their hosting.
- Provides the most recent stable versions of all server software.
- Provides reliable methods for backup and recovery.
- Provides encryption options for hosting of sites or mail
Features
It is quite important to consider the possibilities offered by your provider's control panel. If you need to write a support ticket everytime the server has to reboot, it wont be an efficient process, especially during a crises. Possible features to look out for include
- Automated operating system installs, this feature is hugely useful if it will be necessary to reinstall the operating system on your server. it avoids the need for dedicated time from one of your team members.
- Server boot and reboot, when installing new applications or updating existing software components, or as a means to resolve an issue, the ability to remotely restart your server can be critical. This is dependent on the type of server you are using.
- Remote console (sometimes known as KVM), this is invaluable in diagnosing issues with your server's physical hardware but equally is a necessity if you wish to perform full disk encryption as a password will have to be entered before the machine has full booted up.
- Server and network statistics, this information helps you track your server and/or website giving you detailed information for debugging, tracking attacks or discovering who is visiting your site.
- Dynamic components (e.g. adding extra disk space, RAM without rebuilding the machine or having to order a new service)
- Server access is the means by which you can physically connect to your server. Options iclude SSH, SSH key, SFTP or web based
Secure hosting setups
Depending on available skill level the following secure system setups are possible:
High Technical
Dedicated Server
For a Dedicated Hosting system, the user can either run their own physical hardware or rent this hardware from a provider. The former solution offers total control of the physical hardware, however, there are significant downsides to this approach and should be avoided; it is only recommend under special circumstances such as storing sensitive data. In the latter case, the hosting agent provides the hardware but the user has total control of the server via remote access. In this scenario, the provider is responsible for replacement of hardware parts that fail or malfunction - this support is generally done through a ticket system and relies on the user to report errors.
Examples
- http://www.ovh.com/ca/en/dedicated-servers/hosting/
- http://www.soyoustart.com/ie/offers.xml
- http://www.hetzner.de/en/hosting/produktmatrix/rootserver
- http://www.coolhousing.net/hosting-dedicated-servers.html
Benefits
- User has total control of the system's software
- User has total control of access rights
- User has control of physical network connection, allowing them to whitelist or block connection from allowed or spurious connections
- Financial cost of hardware malfunction is not an issue as the host is responsible for replacing/repairing failing hardware
- The host can be chosen to place the server in a different jurisdiction from that of the user to prevent seizure
Downsides
- The user does not have physical access to the server
- The host is not responsible for data loss or downtime if the physical server fails
- The user is responsible for detecting and reporting hardware faults on some providers
- The time taken to repair a hardware malfunction depends on the provider chosen. See Choosing a hosting provider.
- The contract can be terminated by the host and access to the server can be terminated or suspended depending on the host's terms of use.
VPS
A Virtual Private Server(VPS) is an instance of a Virtual Operating System running on a much larger server. Typically multiple VPS will be run on a single server. In a VPS environment, you have a dedicated virtual private server but do not control the server on which it is hosted. Resources will be limited, you can not control or harden the outer server.
Examples
Benefits
- The cost of this type of server will typically be significantly cheaper than a dedicated server
- Depending on the host, the server will be capable of running most standard server software, up to a certain limit
- Hardware is managed by the hosting provider unless self hosting
- If self hosting, a single server can be used for multiple purposes and to provide multiple distinct servers
Downsides
- Processing power will be limited over a dedicated server but, depending on the hosting provider, should be capable of running small to medium capacity websites
- Bandwidth will also be restricted
- Potential risk of provider, law enforcement or other state forces accessing contents of virtual server without user's awareness.
- The user will not have access to the outer server and will thus not be able to harden it
Threats
- Social engineering attack
- Password brute force
- Service interruption through denial of service attack
- System software exploits
- SSL man-in-the-middle attacks
- Data loss or data theft
Mitigation
Password management is the core of any security strategy. For the dedicated and VPS hosting options, there are several modes of control that administrator can apply.
For more details see
User Management on dedicated or VPS systems allow administrators fine grained control of user login and access permissions.
For more details see see
System and Software Management is primarily concerned with ensuring that the physical system and its software is setup in the most mangeable, maintainable way and that attention is paid to keeping everything up to date to avoid potential vulnerabilities.
For more details see see
Webserver Setup is an important consideration when hosting a website. There are a variety of steps that can be taken to lock down a webserver and to make sure that no vulnerabilities or accidental leaks occur.
For more details see
Intermediary Technical
Hosted platform
For organisation that wish to setup their own custom site based on an existing platform such as Wordpress.com, there are a setup of steps that should be taken to ensure a good level of security. The choosing a hosting provider guide should also be consulted.
Benefits
- Hardware is managed and maintained by the hosting provider
- There is no need to build custom software
- Using an install of an existing platform, such as Wordpress.com, means that software patching and bug fixing is handled by a dedicated group
- Once the solution is setup, secured and configured management is minimal
- The software platform will provide support for the core functionalities of managing a website such as user creation, content uploading and provide mechanisms for exporting/backup
Downsides
- The provider must be carefully chosen based on the information in this document
- Software updates must be performed by the organisation
- Backup is the organisations responsibility
- No support is provided for configuring or managing the platform
Platform Security
- Limiting access - Making smart choices that reduce possible entry points available to a malicious person. For more details see see
- Containment - Your system should be configured to minimize the amount of damage that can be done in the event that it is compromised.
- Preparation and knowledge - Keeping backups and knowing the state of your WordPress installation at regular intervals. Having a plan to backup and recover your installation in the case of catastrophe can help you get back online faster in the case of a problem.
- Password management - the core component of any digital security strategy is control and management of passwords. For more details see
- Software updates and system control - allows the user to lock down the system and restrict what applications are running. For more details see see
In a Shared Hosting environment, your and other website owners shared one server. This includes sharing the physical server and the software applications within the server. Shared hosting services are affordable because the cost to operate the server is shared between you and these other owners. There are, however, a number of down sides, such as being slower.
Examples:
Benefits
- Host provided support for software and hardware
- Reduced technical needs for organisation
- Standardised software components
Downsides
- Heavily relies on the hosting providers technical and support abilities
- Danger that compromise to another unrelated site could compromise user's site.
- Your security is tied to that of others using the same system
- Limited or no control over security procedures - relies heavily on abilities of hosting provider
Threat Mitigation
Basic Technical
For a basic setup providing a content distribution platform such as a blog users have the option of using existing free services such as Wordpress, Journoportfolio or similar.
Examples:
Benefits
- Host provided support for software and hardware
- Very low technical needs for organisation
- Easy setup and quick start
Downsides
- Heavily relies on the hosting providers technical and support abilities
- No control over system software or hardware
- Limited security options
Threat Mitigation
- Strong Passwords are a core element of any system. The access password for the host should be restricted to those individuals with the organisation that work directly with the server. Safe password creation and storage procedures should be followed, as described here
-
Malware is core vulnerability for the devices used by those managing and logging into the hosted system. Malware, keyloggers and viruses provided a straightforward means of attack.
The attacker does not need to hack or compromise the server, instead via infection through phishing emails or malicious websites the attacker can log and store the passwords and other critical information.
To mitigate this threat all individuals who work with or have login access to the server must have anti-virus installed, a firewall and have an up to date system. For more information [|see] - Two factor Authentication should be enabled where available as this will make compromising a system significantly more difficult.
- Wordpress Security is described in detail in the following guide.
Comparison Matrix
| Dedicated Server | Virtual Private Server | Shared Hosting | Cloud Service | |
| High technical skill | Requires Intermediary technical skill | Intermediary/Basic | Basic | |
| Allows disk/data encryption | Allows encryption within VPS | Limited or no control of data encryption | Depends on provider but usually not provided | |
| SSH and private key login | Enforce secure login for VPS | Login via CPanel or Custom interface - some hosts offer 2 factor auth | Depends | |
| User access control and restriction | User control | Control via user accounts added through management software | Control via management software | |
| Allows SSL cert, must setup and provide own cert | SSL cert, must setup and provide own cert | Allows only shared SSL cert, most host provide shared cert | Most host platforms will provide SSL support by default | |
| Total control of applications and software | Control of software within VM, limited access to hardware depending on type of VM | Application control only via management interface | Depends on cloud server - certain services with provide data access restrictions but this is a non-ideal scenario | |
| Manually maintained and updated | Server is patched but VPS remains responsibility of user | Patches and updates provided by host - though may lag behind depending on quality of hosting | Depending on scale of provider - patching and support will be provided to protect their reputation | |
| Limited supported - hardware support and replacement depending on provider | Similar to dedicated support | Support is generally in terms of management software - hardware is automatically monitored by hosts | Similar to shared though support is specific to the platform hosting | |
| Anti-ddos and brute forcing via fail2ban, botnetdbp deployment | Provider may or may not mitigate DDoS attacks | DDoS attacks will receive some or limited mitigation depending on quality of host, generally they will not protect against large scale attacks and may force the website to be removed | Depending on the provider if the attack crosses their threshold for protection they may shut down the website or ask it to leave |