Changes
For more details see [[Access_Restrictions#Dedicated/VPS_HOSTING| see]]
'''System and Software Management'''is primarily concerned with ensuring that the physical system and its software is setup in the most mangeable, maintainable way and that attention is paid to keeping everything up to date to avoid potential vulnerabilities.
For more details see [[System_Management| see]]
'''Webserver Setup'''is an important consideration when hosting a website. There are a variety of steps that can be taken to lock down a webserver and to make sure that no vulnerabilities or accidental leaks occur.
For more details [[Webserver_setup| see]]
===Hosted platform===
For organisation that wish to setup their own custom site based on an existing platform such as Wordpress.com, there are a setup of steps that should be taken to ensure a good level of security. The [[Choosing_A_Host | choosing a hosting provider]] guide should also be consulted.
'''Benefits'''
* Hardware is managed and maintained by the hosting provider
* There is no need to build custom software
* Using an install of an existing platform, such as Wordpress.com, means that software patching and bug fixing is handled by a dedicated group
* Once the solution is setup, secured and configured management is minimal
* The software platform will provide support for the core functionalities of managing a website such as user creation, content uploading and provide mechanisms for exporting/backup
'''Downsides'''
* The provider must be carefully chosen based on the information in this [https://pad.riseup.net/p/rh_ispq document]
* Software updates must be performed by the organisation
* Backup is the organisations responsibility
* No support is provided for configuring or managing the platform
'''Platform Security'''
<li>
Limiting access - Making smart choices that reduce possible entry points available to a malicious person.
For more details see [[Access_Restrictions#Dedicated/VPS_HOSTING| see]]
</li>
<li>Containment - Your system should be configured to minimize the amount of damage that can be done in the event that it is compromised.
</li>
<li>
</li>
<li>
</li>
</ol>
===Shared Hosting===
* http://www.dreamhost.com/web-hosting/
* http://wpengine.com/ (wordpress only)
'''Benefits'''
* Host provided support for software and hardware
* Reduced technical needs for organisation
* Standardised software components
'''Downsides'''
* Heavily relies on the hosting providers technical and support abilities
* Danger that compromise to another unrelated site could compromise user's site.
* Your security is tied to that of others using the same system
* Limited or no control over security procedures - relies heavily on abilities of hosting provider
===Threat Mitigation===
For a basic setup providing a content distribution platform such as a blog users have the option of using existing free services such as Wordpress, Journoportfolio or similar.
'''Examples:'''
* [http://wordpress.com/ Wordpress]
* [https://www.tumblr.com/ Tumblr]
* [https://www.journoportfolio.com/ Journo Portfolio]
* [http://www.joomla.org/ Joomla]
'''Benefits'''
* Host provided support for software and hardware
* Very low technical needs for organisation
* Easy setup and quick start
'''Downsides'''
* Heavily relies on the hosting providers technical and support abilities
* No control over system software or hardware
* Limited security options
===Threat Mitigation===
