Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Security The Internet Technology

Secure, Shared Hosting? 58

Posted by Cliff from the finding-a-secure-and-comfortable-nest-for-your-boxen dept.
skrysakj asks: "I have been searching high and low for a hosting company that can provide SSL encrypted POP3 or IMAP at an affordable price. I'd like something that is shared, not dedicated, to keep costs down. I believe that pghoster.com is a good option, since they offer a personal SSL certificate, a dedicated IP address, and more. Has anyone else found another viable and cost effective solution? Other features, such as SPAM filters, control panels, PHP, MySQL are all 'standard' but I just can't seem to find a company that offers that extra mile for paranoid security freaks such as myself."
This discussion has been archived. No new comments can be posted.

Secure, Shared Hosting? More

Secure, Shared Hosting?

Comments Filter:

  • Ask Slashdot: Secure, Shared Hosting? (Score:3, Insightful)

    by Anonymous Coward on Wednesday March 17, 2004 @11:26AM (#8588620)
    I have been searching high and low for a way to advertise my hosting service. I'd like somewhere that is visited by many people in the tech community, but is still free to post my adverts.

    I think he's found the ideal place. Shame on the editors for allowing this to get through the net.

  • Run it yourself, save a buck or $100. (Score:4, Informative)

    by Mr. Darl McBride ( 704524 ) on Wednesday March 17, 2004 @11:27AM (#8588628)
    If you want to run a box yourself, you can always go with a dedicated server or a virtual dedicated server. Then you can install all you like. You can use a self- signed certificate, or get one from a free public registry. You'll have to manually accept it the first time in each browser you use, or you can carry a copy on a USB fob and add it in for extra security.

    For a dedicated server, look at Server Beach [serverbeach.com] for a cheap (about $100/mo) server. The only support you get is rebooting and reinstalling, the ToS are no-nonsense strict, but the box is yours, the price is wonderful, and the bandwidth is mind-blowing.

    For a cheap virtual dedicated server, I absolutely cannot speak highly enough of JVDS.com [jvds.com]. They use User Mode Linux to host whichever Linux distribution you like. Uptime is excellent, Rus (the guy running it) is very attentive to security, and you can choose from several locations if you have a geographic preference for the server. Most of the machines are hosted with Jipes or Cogent-class bandwidth providers which has sometimes meant brief outages in the past. I haven't had recent problems, but it's been a few minutes every couple of weeks in the past. For $20.00/mo for root, that's easily forgiven.

    The down side to both is that neither are paying me for their goddamned licenses, so I'm going to sue all the customers blind as soon as I figure out how to go after JVDS' FreeBSD users too.

    ~Darl

    • $60 Dedicated box.. (Score:4, Informative)

      by slashkitty ( 21637 ) on Wednesday March 17, 2004 @11:39AM (#8588741) Homepage
      I think running it yourself is the way to go. You can get dedicated boxes in the $50 to $60 range.. like at managed.com [managed.com] ...
      • managed.com has the best pricing I've been able to find. And, they'll preinstall debian 3.0, RH9, or FreeBSD 5.1 for you.

        And their Acceptable Use Policy is very reasonable, with no draconian restrictions on "streaming", or running p2p software. A friend of a friend wanted to distribute her (original) mp3 and music video. I thought, "Sure, we'll just put it up on my server, and use bittorrent to save bandwidth."

        Ah, how foolish I was. The hosting provider is actually blocking about 200 ports (includin

        • I knew it was server beach before you mentioned it.

          You know that you can run the tracker and torrent client on nonstandard ports, right? I had ServerBeach for about six months before moving on to something cheaper. I ran Bittorrent on high ports non-stop and they never knew. I blocked outbound connections to the common Bittorrent ports on my machine and let machines on those ports connect to me instead. No sweat.

          • I knew you could move the tracker's port, but I didn't know that you could move the client.

            I just wanted to save them some bandwidth by using bittorrent instead of http. Their AUP doesn't even expressly prohibit it. By the way it's written, it looks like it prohibits the use of p2p or streaming "which negatively impact" their customers.

            And yet they just go ahead and block the ports.

            Without telling you.

            And argue with your nmap scan, saying "I just scanned it from home, and I don't see any of the blocke

  • Massive pimping but.. (Score:5, Informative)

    by rf0 ( 159958 ) * <rghf@fsck.me.uk> on Wednesday March 17, 2004 @11:28AM (#8588636) Homepage
    What about the shared hosting we do is via User Mode Linux [sf.net] we offer root access on a shared host, but everyone is totally seperate at a lot lower cost than dedicated.

    Rus

    • Re:Massive pimping but.. (Score:1, Interesting)

      by Anonymous Coward
      But it says you're not taking new customers!
    • He asked for recommendations. Unless you're making false claims, go for it.
    • memset [memset.com] is the daddy when it comes to UML VPS.
    • I was just going to recommend Rus's company. They have a very solid reputation in the Web Hosting world.
    • Gotta vouch for JVDS/Rus Foster. I use them to host a bunch of stuff for a very low monthly fee, and am very happy with the response/support/price/features.

      Kudos.

      S

    • It's not pimping ... (Score:4, Interesting)

      by fm6 ( 162816 ) on Wednesday March 17, 2004 @01:25PM (#8589787) Homepage Journal
      ...if you're honest about it being your own service, and about what the service offers.

      JVDS sounds like it would be a good option for skrysakj, since his main reason for avoiding dedicated hosting is the expense. He assumes that a non-dedicated solution means he has to take what the provider gives him. But a UML provider lets the customer have it both ways -- the cost structure is like a a shared provider, but the level of flexibility is like a dedicated provider. Which should appeal to a lot of people.

      On the other hand, cost is not always the crucial issue. Even if you can afford a dedicated box, you may not want the hassle of administering such a system. Even if the provider delivers a nice turnkey solution (as you do), the whole point of having a dedicated system is being able to install your own stuff. But if you do that, you better be prepared, skillwise and timewise, to maintain that stuff. And not all of us are.

      I personally would much prefer to have a provider that does all the donkey work for me. The problem with that is the provider always seems to have priorities that are not quite compatible with mine.

      The closest I've come to an ideal shared provider is DreamHost [dreamhost.com], where I currently host my web site. The big points: even low-end accounts get shell access (often an expensive extra, if it's available at all), IMAP (most providers consider POP sufficient), and being CGI friendly (maybe a little too friendly). But:

      • They insist that users keep their mailboxes small to avoid overburdening the mail server. This is enforced by a script that moves old messages from the mailbox to a regular file. Makes sense costwise, but it also defeats the main purpose of using IMAP -- having a central mail repository that you can easily access from multiple clients and systems.
      • They support SSH and encourage people not to use telnet or ftp. But their web console doesn't include any key generation utility. So you have to do it on the command line. Which, since I don't do it very often, I have to study up on each time. A real pain.
      • They're still on Perl 5.6.1, which has a lot of libraries that aren't taint-safe. They currently have no plans to upgrade to 5.8, citing massive version dependencies in their own software. Less of an issue, as I've learned more about writing secure CGIs, but it bothers me that their Perl is 3 years old.
      • A lot of their docs suck. Plus it's all on SSL pages, which can be darned inconvenient.
      I'm sure people can point me to other providers that do better than this on one or more points. I've found a few myself. (Love Google!) But taken as a whole, I've never found anybody who does even as well as Dreamhost. They solve some of the above problems but not others. They charge too much. They don't do IMAP. CGI support is iffy.

      I'm pretty impressed with SourceForge. But they don't do web hosting except as a part of their overall service.

      Oh well.

    • I've been using Rimuhosting [rimuhosting.com]'s Virtual server for a couple of months.

      Works really well, I'm running a Gentoo image with Apache, IMAP/POP with a SpamAssasin and Clam-AV running on my Exim mail server.

      98% of my spam auto-sorts itself into my spam folder, and If I want I can configure the server to reject mail which looks like spam (either by the SpamAssassin threshold or because the sender is on one of the DNS blacklists) at the point of delivery so the spam never even hits my server.

      The Rimuhosting folks a
    • I've seen benchmarks before showing that UML has a huge performance hit.

      Can anybody confirm?

      • I've seen benchmarks before showing that UML has a huge performance hit.

        In the past year or two, a patch for the host kernel was introduced called SKAS which greatly improves the performance of UMLs running on the patched machine.

        There still is a performance hit but itsn't as bad as it used to be.
    • JVDS rocks. Great prices, awesome support, they support every distro you'd want to run on a server, and they kick back a percentage of your sign-up to spi-inc [spi-inc.org].
  • Unless you're concerned about your local network, surely the fact that any email you received arrived at your ISP means that GPG would be a better solution to your paranoia?

    If you really do want to encryot the mail you receive, you should probably chekc your ISP is using TLS as well to make sure the encryption goes as far as the sender/recipient too - of course their ISP needs to support that too!

    As for an ISP that offers that lot, sorry I don't know of any. You could always co-locate and set it up yourself

  • Dreamhost (Score:4, Interesting)

    by attaboy ( 689931 ) * on Wednesday March 17, 2004 @11:36AM (#8588714)

    I've had great luck with Dreamhost. They offer both SSL POP3 and SSL IMAP. I can't rave enough about their hosting. I did a lot of research into hosting companies, and they consistently came up as one of the top companies in the business.

    Link to learn more [dreamhost.com]

    Fair disclosure: If you use that link and end up buying from them, I get a small "referral" credit on my own hosting bill. However, I wouldn't recommend them if I didn't think they were absolutely the best.

  • Sneak Adverts? (Score:5, Funny)

    by aburnsio.com ( 213397 ) on Wednesday March 17, 2004 @11:47AM (#8588810)
    Is this a question or an advertisement for pghoster.com? If you've got a product you want to advertise to the slashdot community, it's relatively simple to come up with a "question" that subtlely advertises your product. Free advertising; all you have to do is submit a "question". The Big Corps are gonna love it!

    Posted by CliffAdverts4U on Wed March 17, 09:20 AM
    from the how-much-did-they-pay-VA-Software-for-this-dept.
    RandomMarkter asks: "Hey, I heard Coca-Cola(TM) is a great, refreshing, tasty beverage that seems to be just what I'm looking for, have you tried one lately? I've also been thinking about grabbing a bite to eat while hacking, and I found a website for Pizza Hut(TM), has anyone else heard of this company? I've got to pay for it somehow, I was thinking of getting a MasterCard(TM), which has a fantastic new low introductory APR of only 9.99%, what should I do?
    • Nah, you'd never see Coke and Pizza Hut advertised together for corporate reasons. Besides we all know that RC is the best.
    • Sadly, it's not. If I thought that the company I listed in my submission was viable (pghoster), I wouldn't be posting to Ask Slashdot in the first place.

      I could list other companies I have contacted (FatCow, DyNi.net, etc...) just to make sure other people don't recommend places I've already looked.

  • Forced Spam Filtering? (Score:3, Interesting)

    by Goo.cc ( 687626 ) * on Wednesday March 17, 2004 @11:53AM (#8588861)
    I'm sure that I am in the minority here but I don't like hosting providers that force a spam filter on me (although the option of using one is a nice feature). I want to receive everything sent to me.

    Let me decide what is spam.

  • What's the point of encryption? (Score:3, Insightful)

    by david.given ( 6740 ) <dg@cowlark.com> on Wednesday March 17, 2004 @11:56AM (#8588889) Homepage Journal
    ...considering that all the email will have been delivered across the 'net by insecure, plain-text SMTP anyway? All you need is secure authentication via CRAM-MD5 or some such thing. There's no real need to go for a fully-fledged SSL connection just for email.

    (Unless, of course, its own personal 'net connection is compromised, but then it has bigger problems.)

    • Re:What's the point of encryption? (Score:2, Informative)

      by Anonymous Coward
      The point of encrypted POP3 or IMAP is not to encrypt the email, but to encrypt the password, which would otherwise pass in the clear.
      • The point of encrypted POP3 or IMAP is not to encrypt the email, but to encrypt the password, which would otherwise pass in the clear.

        You'll note that the parent mentioned that CRAM-MD5 is sufficient for protecting passwords.

        How CRAM-MD5 works: server generates a random string and sends it to client along with a timestamp. Client takes random string and password and uses them as a key to a keyed hash function to compute the digest of the timestamp. Client then sends digest to server, which perfo

    • ...considering that all the email will have been delivered across the 'net by insecure, plain-text SMTP anyway?

      It's a good point, but the right thing to do is to fix the SMTP end, then the SSL matters.

      I was suprised how easy it was to enable opportunistic encryption [homeport.org] under Postfix after it was setup for TLS SMTP sessions. Watching the logs was surprising - a large number of sites will actually negotiate TLS SMTP sessions given the chance.

      So if you're a postfix admin and a freedom-loving cypherpunk, get

  • ...then you might want to check out Terabolic.com's service:

    https://secure.terabolic.com/signup/indexsingleema il.php [terabolic.com]

    Looks like they have what you want for email, and it's pretty cheap--$39.95 a year. That is, if you're willing to pay for email separate from hosting.

    In addition, it seems that [terabolic.com] Terabolic's email service is free of 'Poopyhead' and 'MegaCorp Suckage,' while still managing to be 'Magical.' What more could you ask for?

    ANTI-DISCLAIMER: I have never worked for Terabolic, nor have I act

  • rootroute.net

    A remarkable amount of stuff for not a lot of money hosted on OpenBSD. Nice folks too.
  • Have you thought about using SSH and tunnelling ports 110 (POP3) and 143 (IMAP)?

    I have seen adverts in the past for hosters giving you shell access, and you can bet they are using SSH to administer the boxes as well...

  • HostNexus (Score:3, Informative)

    by Mizery De Aria ( 554294 ) on Wednesday March 17, 2004 @01:09PM (#8589606)
    HostNexus [hostnexus.com] offers several shared hosting plans [hostnexus.com] as well as monthly promos in which any monthly promo can be used at any time. I am not sure about the dedicated IP, but you can always ask about it on their [hostnexus.com] forum [slashdot.org], which is for socializing as well as customer support. You can also email them for support or use their trouble ticket system. The forum is convenient for most issues. HostNexus uses Plesk and offers CPanel as well. Take a look at their services and feel free to post on the forum. By the way, I am not affiliated with HostNexus other than being one happy customer. Other features, such as SPAM filters, control panels, PHP, MySQL are all 'standard' but I just can't seem to find a company that offers that extra mile for paranoid security freaks such as myself."
  • I've been looking for a good place to park WebMail for several domains that I administer. I need optional spam filtering, good antivirus, and blocking of selected attachment types. I'd also like a decent pricepoint on this.

    Anybody out there in Slashdot land have suggestions for me?

    THanks

    LlamaKeeper

  • Try OpenHosting (Score:3, Informative)

    by gtrubetskoy ( 734033 ) * on Wednesday March 17, 2004 @01:57PM (#8590159)

    Try here [openhosting.com]

    We provide VServer [linux-vserver.org] based virtual servers and by default we provison them with IMAP and POP SSL-enabled only.

    As a side note - I've been using SSL for IMAP since 1997 or so and I cannot believe there still are people using unencrypted POP/IMAP, but there are. If you ever happen to be sitting with a laptop at a corporate meeting, one where everyone plugs into an old ethernet hub in the middle of the table, it is always a lot of fun to fire up a sniffer to get all the passwords from the non-technical people at the table checking their e-mail (probably using Outlook too). Then you blurb out the password in the middle of a conversation and whatch the person's reaction. (Be careful - what may be interpreted as a harmless joke in the late nineties, these days will probably get you fired!)

    • And how do you login to your ISP? With SSL?
      • And how do you login to your ISP? With SSL?

        This is where the Virtual Servers come in, and this is an excellent example of why I think everyone should have one - you become your own ISP for about the same price.

        Why pay someone to host your mail or any other data in a way where it cannot be accessed securely when you can get your own Virtual [Dedicate/Private] Server and install the mail/web/whatever server of your liking and configure it the way you think it should be?

  • Luxsci.com (Score:2, Informative)

    by ncl2fth ( 157991 )
    Has SSL POP3/IMAP email services. Excellent.

    Marc
  • It would probably be easier for you to find a provider that gives you ssh access. Then you can use SSH forwarding to establish an encrypted channel between your mailreader and POP3/IMAP server. SSH forwarding is a great SSH feature that you can use for a variety of other neat setups. Try ssh man page [openbsd.org] for more details.
  • BSDHosting.net [bsdhosting.net] offers all of these features on all of their packages, starting at $4.95 (except no dedicated IP's on the cheapest packages). I've had a Root Server with them for about a year now and I've been extremely pleased. They're service is the best I've ever had from any hosting provider. I can't recommend them highly enough.
  • no harm in this... TimeHost Webhosting [timehost.net] provides everything you want. dedicated ip addr, imap-ssl, apop, shared ssl cert for you site, php, cgi, mysql, live free phone support with no hold times, 100% linux shop. for as low as $7.95 a month. I'm not an ad-bot, just an ex employee that knows very well the value this company provides. also ded svr's for $69/month. if this thread is still alive, go ahead and click the link, they can survive a slashdot'ing, proof enough :)

Slashdot Top Deals

A morsel of genuine history is a thing so rare as to be always valuable. -- Thomas Jefferson

Close