Search


Tagged with Hosting x

Contact your hosting provider

In case you are unable to fix issues yourself or through your system administrator, e.g. by troubleshooting server errors, your next course of action would be to contact your hosting provider.  However, depending on whether your server is located in your country or abroad, your experience with the hosting provider may differ. 

Even though foreign hosting providers may provide a better service than those in your country, you should also be aware that their support might not be up to the standards in resolving the issue with your website quickly. 

Hosting providers with 24/7 support are the best option nonetheless, as well as those who provide additional support channels (live chat, call) in addition to opening a support ticket or sending an email.

Activate DDoS protection

Distributed Denial of Service (DDoS) attacks , which aim to “flood” the server with a large number of automated access requests, usually coming from thousands of IP addresses  , in order to make the site unavailable. To prevent your site from being disabled due to a DDoS attack, you should activate DDoS protection

The most common DDoS protection service provider is Cloudflare, which offers free plans but with limited options, but there are others such as Deflect, whose services are used by many media, environmental and human rights organisations. Google also offers free DDoS protection through Project Shield, which is intended for news, human rights and election monitoring sites. 

Error Server Site Hosting

Ask for server logs

To determine the potential source of issues with your website, taking a look at server logs  can be of great importance. Server logs are text documents which provide you with various information about all activities on the server. For example, you can see the IP addresses [IP-ADDRESS] and identity of the devices making a request to the server , time and date of the request, etc, which can all be crucial when mitigating a cyber incident.

You can request server logs for a certain time frame from your system administrator or through technical support.  

File a criminal complaint

Once you have the log files from your server from which it could be seen that your website was targeted with a cyber incident, e.g. unauthorised access, you can file a criminal complaint to the police or competent prosecutor. 

When preparing a complaint, make sure you mapped and described the events during the incident as they happened (what behaviour with the site did you notice, at what time, were there any changes you weren’t aware of), prepared the server logs and other useful information, such as screenshots  of suspicious activities. 

Error Server Digital evidence Site IP Address Hosting

General infrastructure protection

Here are some general recommendations on infrastructure protection:

  • Routers  can be configured to refuse automated collection of information about the system via the so-called footprinting method. This method involves creating a sketch of the network based on the fingerprints generated by sending digital signals. It should also be noted that the routing of data takes place according to different protocols, because they can be the main source of information for attackers. Mapping of routes through which data is transmitted (tracerouting), detection of active devices on the network  (ping) and similar methods can reveal to the attacker the entire infrastructure, i.e. the number and type of routers, computers and the way they are connected. Good practice dictates that ICMP requests be enabled for the web server, while the configuration for other servers and the internal network is set so that these requests are rejected;
  • Unnecessary server protocols should also be disabled. For example, everything can be blocked on the mail server except the protocols used for email (IMAP, POP, etc.) while web servers can be structurally configured so that access is provided only to public resources. Access to other folders and files, as well as the administrator part of the portal, should be disabled to avoid unauthorized access and data leakage;
  • Close unnecessary ports that no application on the server uses, with the appropriate configuration of network barriers (firewall).
  • By using intrusion detection systems, suspicious traffic is identified and rejected and footprinting attempts are registered;
  • Using anonymous registration services, information about the domain registrant can be hidden. However, it should be borne in mind that the reputation of a credible organisation is built through transparency, and this technique is not recommended in every situation.
Server Data leaks Hosting Cloud

Domain and hosting

Very important aspects of organisational infrastructure management are domain name and hosting , i.e. on which server are the organisational websites hosted and which registrar they registered the domain name with.

There are numerous choices when registering a domain name (e.g. organisation.org) and it can be done relatively cheaply and easily online, depending on the needs of the organisation. Domain names are usually registered on a yearly basis and registration must be regularly renewed. 

Organisations can opt for different types of top level domains, i.e. the ending part of the URL, and most common are: 

  • Country code (ccTLD), which are associated with a specific country, region or territory: .de, .br, .ca;
  • Generic (gTLD), related to general notions: .com, .net, .org;
  • Sponsored (sTLD), reserved for specific types of registrants, such as government bodies or international organisations: .gov, .int, .aero.

When registering a domain, there is also the option of Whois domain protection, so that the registrant’s information (name, address, contacts...) wouldn’t be visible in Whois lookup searches. However, for organisations such as media, domain transparency is recommended.  

Websites can be hosted domestically, i.e. in the country where the organisation operates, or internationally. Both options are equally viable, but have some specifics to them:

  • Domestic hosting
    • You can directly inspect the quality and security of the providers’ server halls;
    • Better availability of technical support that does not depend only on reporting and online communication;
    • Liquidity and reputation of hosting providers can be checked in the local community;
    • There is no application of legal provisions pertaining to international personal data transfers;
    • If a site targeting domestic audiences is under DDoS [DDoS] attack from abroad (which is usually the case) it can remain stable and accessible to domestic users by temporarily blocking foreign IP addresses  .
  • Foreign hosting
    • The server where the site is hosted is outside the jurisdiction of state authorities in the organisation’s country;
    • Domestic legislation does not apply to hosting, so legal and administrative procedures related to the hosted content can be complicated and uncertain.

In terms of technical aspects of hosting, there are four types:

  • Shared hosting is hosting based on the principle of sharing resources. Different sites on a shared server share the processor, bandwidth, disk space, and so on. This means that if one of the sites on shared hosting has an increased number of access requests, the performance of other sites on the same server will be affected;
  • Virtual Private Server (VPS) is hosting where everyone has their own resources. Technically, multiple virtual servers are set up on one physical server and each of them has certain resources that it does not share with others. Also, if one of the virtual servers is attacked, the integrity of others is not compromised;
  • Dedicated server is a type of hosting where the user is assigned the exclusive right to access the machine and use it for any purpose. On the dedicated server, virtual machines can be set up and used for different purposes, such as web hosting, email, data storage;
  • Cloud hosting is hosting on multiple servers connected to function as one, which contributes to the decentralisation of the system, and thus has better integrity. In case of a failure on one of the servers, the others take over its role, so the problem will not affect the operation of the site.

Shared hosting is not recommended in cases when the site consists of active content that changes relatively often and when the number of visitors varies. Dedicated hosting and cloud hosting are better solutions, but their price is a bit higher. Finally, the choice of option depends on the needs of the organisation. 

Technical support is one of the most important segments of the hosting service, because in case something goes wrong, this service is a contact point that must be fully cooperative to solve the problem as soon as possible. It is advisable to choose a company whose technical support service is operational 24/7. 

Although all the content and traffic on the internet is practically virtual, good old machines are still the basis of it all. That is why it is important to check what kind of hardware the hosting company is using. 

Finally, the technical specifications of the hosting package are the most important feature and it is desirable that they are scalable, i.e. that they can be adapted and upgraded in accordance with the changing needs of the organisation. 

Good hosting also implies decentralisation. It is not recommended that the same server is used to host the site and as a mail server or data center. The web server must be accessible from the public internet, while access to the data center from the public internet would be a serious security issue. If there is a need to access the data stored in the data center  remotely, it is best to use VPN  services.

Server Site Hosting Cloud

Critical points in the system

Each platform has several points that are the most common targets of attack. If the web developer pays attention to these zones when creating the site, it will significantly reduce the risks to the content and provide unhindered access to the site: 

  • Contact forms, surveys and other segments of the site where readers can enter some parameters are certainly the places of highest risk because they allow direct access to the system. If they are not necessary for the operation of the site, it is wise to give up the contact form, while surveys can be limited to one entry per IP address . An interactive relationship with readers can be developed in a separate space that is not directly related to the site itself;
  • The database is also one of the riskier parts of the site. By sending illogical and complex queries to the database, it can be blocked, which prevents readers from accessing the site. The solution is to strictly validate each entry in the database and prevent illegitimate queries via URL or otherwise;
  • Free third-party software that is installed on a platform to make it more interesting can often be an additional risk. This software usually comes in the form of various themes or other objects that improve the functionality and appearance of the site, but it can also contain code or a security flaw that compromises the integrity of the site. Therefore, it is important to always use software made by credible sources, i.e. software for which there is a sufficient number of positive reviews online.
Site IP Address Hosting

Request backup restore

When a cyber incident is resolved, a check needs to be performed in order to see if there is anything missing. Malicious actors might be able to delete some of the content from your website, therefore it is important to have regular server and website backups [BACKUP]. 

In case you notice some content is missing after the incident has been handled, it is possible to restore it by requesting the backup from your hosting provider or technical support.

Server Site Data backup Hosting