Home > Articles > Security > General Security and Privacy

Security Considerations for Website Developers

  • Print
  • + Share This
With so many web hosts to choose from, how do you find one that stands up to your security needs? Get the lowdown on how to find a reputable site with the right operating system and user permissions, and learn how SSL and CA certificate security should factor into your decision.
Like this article? We recommend

Like this article? We recommend

Although the system admin or security admin has the overall responsibility for site and network security, a website developer must do certain things to make it possible for admins to secure the system. (Of course, you, as the developer, might also be the admin.)

The most important task is choosing a good web hosting provider. We look at the most important things to keep in mind here: the operating system, the site's reputation, user permissions, and SSL and certificates.

Which OS Should You Look For?

For starters, look for a *nix OS:

  • Linux

  • Solaris

  • Unix

  • Mac OSX

  • BSD (free/Open)

Why not Windows? Consider this statement from Brian Valentine, senior vice president of Microsoft Corporation:

"We really haven't done everything we could to protect our customers. ... Our products just aren't engineered for security." (See http://archive.infoworld.com/articles/hn/xml/02/09/05/020905hnmssecure.xml.)

There isn't enough space in this article to discuss the known security problems with Windows/IIS. If you're interested in this topic, I recommend searching on Google.

Of course, it is possible to run a secure Windows server installation, just as it is possible to run an insecure *nix installation. But choosing a *nix hosting service shifts the security odds in your favor.

You can find out what kind of OS a web host runs and other web hosting service information at host-search sites such as http://www.hostsearch.com, which also provides site user reviews.

  • + Share This
  • 🔖 Save To Your Account