Cloud Hosting

Tom Henderson is an enterprise cloud/virtualization/containerizing/workload systems researcher at ExtremeLabs, Inc., author, lecturer, ham radio experimenter, and a very skeptical geek.

Ive gone through a number of hosting companies. My NOC is at Expedient in Indianapolis (Carmel). They do a great job for my testing needs. They have a large, well-designed facility, lots of power and, most important, they know what theyre doing and do it 24/7.

In my role as someone who knows the difference between UDP and TCP, I get asked a lot to recommend an ISP or cloud host for purposes of web and mail hosting for small businesses, organizations and even generic civilians. Over the years, Ive found some common difficulties that can mean the difference between enjoyable experiences and long, drawn-out support problems with incumbent frustration.

To make sure you have a good experience with your cloud host, use this checklist.

1. Can you reach a human 24/7? You must check to see if you can get a human who knows about the products offered by calling the cloud host company yourselves. Im sorrytoo many of them lie. From their website, look on their support pages, get the number, call it and wait until you can get a human at midnight EDT. No human? Pass. Sometimes you need a human. And if the company advertises it, they should make sure one is available.

2. When youre looking for web hosting, make sure that your hosting permits privileged user shell access via ssh. Imagine hosing a setting inside your WordPress site and needing to change a MySQL value. Some ISPs/cloud hosts allow access to the database that contains WordPress settings, and maybe you can fix things using this methodoften through the PhPMyAdmin app. Or not.

If you need ssh, some organizations require that you accept full responsibility for having offered that access. You can do yourself a favor if ssh privilege is granted by immediately configuring ssh so that root cant log in (see settings for ssh.conf or its equivalent in your hosted version), making a username thats nonsensical and creating a killer ugly password to connect. Then change the password randomly for your own protection.

3. Can you access the customer site control panel? Every ISP/cloud host uses a customer site control panel of some kind. Some use cpanel, while others have any number of variations that allow you to control your assets. These need to be accessible to you, and you need to use nonsensical log-ons to get to thembecause these control panel apps have the keys to your online kingdom. Access should be different than the account log-on in all ways, username and password, if thats possible. Here, too, passwords should be changed randomly.

4. Make sure you have a security tool. No one likes to look at the logs, so the logs get filled with info that civilians cant understand at all. In the logs, youll find that your site is getting picked on by hacker bots 24/7. They use common names and entrance points to try to steal your stuff. Apps like WordFence, a plugin for WordPress, are expensive, but they do a good job helping admins identify whos trying to knock their walls down and allowing them to block.

Another reason why I like WordFence specifically is that it can block by country. If you dont want international visitors using battering rams on your log-on, fence them out. Other popular web hosting apps, such as Joomla, have their own equivalents. Yes, they increase your costs, but they also reduce big cracks.

5. If you dont like what you find, or if controls are difficult and/or the ISP/cloud host makes life difficult for you, move. Switch hosts. Work with them to get a partial or full refund. This also means you need to use apps salient to the hosted infrastructure to back it up and move it somewhere else. This can be very easy, or very difficult, depending on what youve deployed. So, this rule is important: Dont deploy what you cannot backup and move within a reasonable amount of time. If you cant do this, youre dependent on someone who can.

6. Read the terms and conditions and other parts of your agreement carefullythe entire set of documentsthen read it again until you understand it. Theyre not easy to comprehend, but you need to know whats going on inside each and every agreement you sign, digitally or otherwise. There are gotchas, show stoppers, no ways, not-on-my-watches. Read them before you agree to them, not afterwards. If you cant understand them, welcome to the club. Do your best.

7. Immediately test the theory of backing up your data and restoring it. Get familiar with how to do it. Take screenshots so that you can remember what you did. Keep these screenshots in a place where youll remember them, like a folder named Site Logon Instructions. Dont just throw them into the Download folder. Please.

8. Make sure you can transfer your domain at low to no cost first before attempting to move your online assets. This sometimes can take minutes, OR DAYS. ISPs/cloud hosts dont want to give up your business and can make it difficult for you to transfer your DNS to another provider. Make sure that when you do, you cancel the remaining part of the contract with the old, no-longer-used-host and then track the refundif you even get one. Be diligent. Send emails. Be kind.

This is only a partial list. There are lots of ways to get hurt, and Ive seen too many of them. Right now, Im battling getting 1and1.com to respond to a customer support request24/7, my left ear lobe.

More:
Checklist for choosing a small cloud host or ISP - Network World