Offering Web4Africa’s web hosting customers easy access and management to their web hosting services whilst not compromising on security remains an unending balancing act. In a world where motivation is all that us needed to be a hacker due to the reckless abundance of free hacking tools, maintaining a high level of security in the web hosting industry is not negotiable.
However, enforcing the most effective web hosting security policies usually mean surrendering some convenience.
A classic example is the humble password. The stronger a password is, the harder it is for hackers to guess. A strong password is a complex password. However, not many people can store complex passwords in their mind. More so, we are in a world where there several passwords that hold our access to dozens of email accounts, social networks, smartphones, bank accounts etc. Adding a complex and randomly-generated web hosting password to the mix seems too much for many.
Another example is brute force protection usually installed on web hosting servers. It is simply a system that blocks a particular IP address when it is the source of attempts to login to a specific hosting or email account with a wrong passwords for too many times within a specific period of time, depending on how it was configured. It is designed to fight back at hackers attempting to gain access by guessing passwords. However, it can also block the legitimate user if the user doesn’t remember the correct password. Blocking the user’s IP address means the user would be unable to access his website and email temporarily. Since most telecom operators offering mobile broadband usually share a public IP address among several users at the same time, it means all the users on that IP would be unable the access the websites hosted on that service until the web hosting company removes the IP blacklist. Between the blockage and removal, one can expect the affected users to scream “blue murder!” since the web hosting server would appear offline, to them.
Sometimes, disabling a feature considered vulnerable on a web hosting server would mean causing problems for some dozens of users who installed a software that relies heavily on the disabled function to work properly. That is another angle to the matter.
Being hacked is never a pleasant experience. It can cause embarrassment, loss of man-hours, loss of revenue etc. A website manager would thus necessarily need to sacrifice some convenience for the sake of maintaining the integrity of his/her web hosting account.