1. The state of shared web hosting security is grim. Customers need to demand better. It’s not an unsolvable problem. Hosting companies have just mostly been competing with a race to bottom-barrel pricing. When you’re paying $5 a month for hosting, three things will usually suffer: Stability, Security, and Support.

    I maintain that shared hosting, by and large, is a disaster waiting to happen. And the funny thing is, you can get a solid VPS on the cheap now. The host I recently switched to, Digital Ocean, has a plan that only costs $5/month. Five dollars a month will get you a box, a virtual machine that’s properly walled off from other customers, with 512MB of memory, 20GB of space on an SSD and a higher monthly data transfer quota than the vast majority of sites would use in a year. RamNode has similarly attractive pricing.

    All it takes is a tiny amount of Linux knowledge and you can install an nginx+php+mysql stack and be up and running in a couple hours.

    There’s really no reason for someone to subject themselves to the horrors of shared hosting.

  2. Well, why isn’t their an industrial strength validator for plugins??? I have had many of my WP sites wrecked over and over by those exploits. The only way I can run WP now is with no plugins whatsoever. It’s boring but it’s the only way I can keep out the pirates. I use 1-and-1.com so there are no “server configurations” I can monkey with. I only get to choose my PHP level and that’s all folks.

  3. Mark

    I agree that the WordPress core is as secure as you can get. I use many premium plug-ins and to date I’ve had no hassles. I guess it all boils down to where you get your plug-ins from and to always keep them updated to the latest version.

  4. @redwall_hp – I agree with your sentiments on shared hosting. I’ve had my fair share of horrific experiences with shared hosting but for the past few years, I guess I would consider myself lucky with HostGator. Outside of yesterday, I’ve experienced little in the way of issues with them. I pay about $120 a year for my hosting plan. Meanwhile, you’re talking about $70 bucks a year. However, that little bit of Linux knowledge needed is a barrier. I went down the VPS road awhile ago but all that ended up happening is the box became compromised soon after it went online because I had no clue as to what I was doing. I learned that if whatever I’m using is not managed, I don’t want to mess with it.

    @Victor R. Volkman – I’m curious as to which plugins you’ve been using? Plugins are one of the reasons why so many people love using WordPress so it sucks to you subject yourself to the inability to extend your installation. When you say wrecked, what happened?

    @Mark – I use a couple of commercial plugins here on this site but I also use about 20-25 free ones. In the past few years, I’ve not had any issues thanks to automatic plugin updates when a security issue is discovered.

Comments are closed.