Slashdot Mirror


Secure, Shared Hosting?

skrysakj asks: "I have been searching high and low for a hosting company that can provide SSL encrypted POP3 or IMAP at an affordable price. I'd like something that is shared, not dedicated, to keep costs down. I believe that pghoster.com is a good option, since they offer a personal SSL certificate, a dedicated IP address, and more. Has anyone else found another viable and cost effective solution? Other features, such as SPAM filters, control panels, PHP, MySQL are all 'standard' but I just can't seem to find a company that offers that extra mile for paranoid security freaks such as myself."

58 comments

  1. Ask Slashdot: Secure, Shared Hosting? by Anonymous Coward · · Score: 3, Insightful

    I have been searching high and low for a way to advertise my hosting service. I'd like somewhere that is visited by many people in the tech community, but is still free to post my adverts.

    I think he's found the ideal place. Shame on the editors for allowing this to get through the net.

    1. Re:Ask Slashdot: Secure, Shared Hosting? by Mr.+Darl+McBride · · Score: 3, Informative
      I have been searching high and low for a way to advertise my hosting service. I'd like somewhere that is visited by many people in the tech community, but is still free to post my adverts.

      Too bad the moderators will help reveal the fact that his prices fall down miserably (read:suck) compared to ServerBeach and DreamHost and traceroute says he's running on SCO's own favorite *EV1.NET* machines.

    2. Re:Ask Slashdot: Secure, Shared Hosting? by etymxris · · Score: 4, Informative

      Looks legitimate. Doesn't look like he has a business relation with the company based on his resume.

      My own advice is 1and1.com, cheapest virtual hosting available. May not have everything he needs. If you want dedicated, I would say managed.com, 1TB of bandwidth for $60.

    3. Re:Ask Slashdot: Secure, Shared Hosting? by etymxris · · Score: 3, Informative

      Serverbeach and Dreamhost both suck compared to managed.com. Just compare bandwidth and price.

    4. Re:Ask Slashdot: Secure, Shared Hosting? by Mr.+Darl+McBride · · Score: 1
      Sweet, didn't know about these guys.

      Bandwidth is from Above.net, so that's going to mean some outages, but for mail and web stuff where you can afford to try back in a minute or two, that's perfect.

    5. Re:Ask Slashdot: Secure, Shared Hosting? by skrysakj · · Score: 1

      I work for no server company, seller or reseller.
      Again, if I had bought from pghoster.com I wouldn't be posting this to Ask Slashdot. I currently use FatCow, they're cheap and reliable. If FatCow uses EV1 servers, I don't know about it. Moreover, if both pghoster and FatCow use EV1 but one has services not provided by the other, then the *use* of EV1 is different.
      I'm not here to advertise jack shit, I guess I should have listed a thousand different hosting companies just to get trolls off my back. I've checked out Dyni.net, they use FreeBSD but have the webserver and mail server separate, so no luck with SSL. I've used InnoTech for Mac OS X hosting, and they don't provide SSL.

    6. Re:Ask Slashdot: Secure, Shared Hosting? by Anonymous Coward · · Score: 0

      Pronethosting.net is the cheapest and what I use. Less than 2.00/month.

    7. Re:Ask Slashdot: Secure, Shared Hosting? by nlindstrom · · Score: 1

      Bad advice. Just do a Google search and discover that Managed.com are the dedicated servers from hell.

  2. Run it yourself, save a buck or $100. by Mr.+Darl+McBride · · Score: 3, Informative
    If you want to run a box yourself, you can always go with a dedicated server or a virtual dedicated server. Then you can install all you like. You can use a self-signed certificate, or get one from a free public registry. You'll have to manually accept it the first time in each browser you use, or you can carry a copy on a USB fob and add it in for extra security.

    For a dedicated server, look at Server Beach for a cheap (about $100/mo) server. The only support you get is rebooting and reinstalling, the ToS are no-nonsense strict, but the box is yours, the price is wonderful, and the bandwidth is mind-blowing.

    For a cheap virtual dedicated server, I absolutely cannot speak highly enough of JVDS.com. They use User Mode Linux to host whichever Linux distribution you like. Uptime is excellent, Rus (the guy running it) is very attentive to security, and you can choose from several locations if you have a geographic preference for the server. Most of the machines are hosted with Jipes or Cogent-class bandwidth providers which has sometimes meant brief outages in the past. I haven't had recent problems, but it's been a few minutes every couple of weeks in the past. For $20.00/mo for root, that's easily forgiven.

    The down side to both is that neither are paying me for their goddamned licenses, so I'm going to sue all the customers blind as soon as I figure out how to go after JVDS' FreeBSD users too.

    ~Darl

  3. Massive pimping but.. by rf0 · · Score: 4, Informative

    What about the shared hosting we do via User Mode Linux? We offer root access on a shared host, but everyone is totally separate, at a lot lower cost than dedicated.

    Rus

    1. Re:Massive pimping but.. by Anonymous Coward · · Score: 1, Interesting

      But it says you're not taking new customers!

    2. Re:Massive pimping but.. by Komarosu · · Score: 2, Informative

      memset is the daddy when it comes to UML VPS.

      --

      "What do you mean you have no ice? Do you expect me to drink this coffee hot?" - Random Customer, Clerks
    3. Re:Massive pimping but.. by TheTomcat · · Score: 1

      Gotta vouch for JVDS/Rus Foster. I use them to host a bunch of stuff for a very low monthly fee, and am very happy with the response/support/price/features.

      Kudos.

      S

    4. Re:Massive pimping but.. by xneilj · · Score: 1

      I've been using Rimuhosting's Virtual server for a couple of months.

      Works really well, I'm running a Gentoo image with Apache, IMAP/POP with SpamAssassin and Clam-AV running on my Exim mail server.

      98% of my spam auto-sorts itself into my spam folder, and if I want I can configure the server to reject mail which looks like spam (either by the SpamAssassin threshold or because the sender is on one of the DNS blacklists) at the point of delivery so the spam never even hits my server.

      The Rimuhosting folks are good too. They even took the time (for free) to build me a custom kernel to run Gentoo, even though they don't officially support it (rebuilding the kernel is about the only thing you can't do yourself on their UML VPS). They were also very helpful when I screwed up my network config and couldn't ssh back into the box ;).

      Anyway, server runs well and I have around 4GB of disk space for mail/web stuff.

      YMMV but if you're prepared to put in the effort of setting up your own server, you'll have all the flexibility you need. It works great for me and was very satisfying to get everything working.

      --
      rm -rf / is the evil of all root
    5. Re:Massive pimping but.. by mcbridematt · · Score: 1

      I've seen benchmarks before showing that UML has a huge performance hit.

      Can anybody confirm?

    6. Re:Massive pimping but.. by Oopsz · · Score: 1

      JVDS rocks. Great prices, awesome support, they support every distro you'd want to run on a server, and they kick back a percentage of your sign-up to spi-inc.

    7. Re:Massive pimping but.. by asdfghjklqwertyuiop · · Score: 1


      I've seen benchmarks before showing that UML has a huge performance hit.


      In the past year or two, a patch for the host kernel was introduced called SKAS which greatly improves the performance of UMLs running on the patched machine.

      There still is a performance hit but it isn't as bad as it used to be.

  4. Not pimping by 0x0d0a · · Score: 1

    He asked for recommendations. Unless you're making false claims, go for it.

  5. Two-edged sword by 0x0d0a · · Score: 1

    Yes, but see, if he comes over here and pushes his service, and then a bunch of people say "Oh, you can do much better than that -- that service sucks", then he loses out.

    1. Re:Two-edged sword by Mr.+Darl+McBride · · Score: 4, Funny
      I would like to point out that he is using EV1.NET for hosting. Use traceroute and check for yourself. Thusly and therefore, whether he's a sales troll or merely using Slash to avoid price shopping, he receives my fullest and most complete endorsement.

      Thumbs up for EV1.NET.

      ~Darl

    2. Re:Two-edged sword by skrysakj · · Score: 1

      I use FatCow right now, they may or may not use EV1 in a reseller role.

  6. Only emailing yourself? by Albanach · · Score: 1
    Unless you're concerned about your local network, surely the fact that any email you received arrived at your ISP means that GPG would be a better solution to your paranoia?

    If you really do want to encrypt the mail you receive, you should probably check your ISP is using TLS as well to make sure the encryption goes as far as the sender/recipient too - of course their ISP needs to support that too!

    As for an ISP that offers that lot, sorry I don't know of any. You could always co-locate and set it up yourself.

  7. Dreamhost by attaboy · · Score: 4, Interesting

    I've had great luck with Dreamhost. They offer both SSL POP3 and SSL IMAP. I can't rave enough about their hosting. I did a lot of research into hosting companies, and they consistently came up as one of the top companies in the business.

    Link to learn more

    Fair disclosure: If you use that link and end up buying from them, I get a small "referral" credit on my own hosting bill. However, I wouldn't recommend them if I didn't think they were absolutely the best.

    --
    The facts have a liberal bias. --The Daily Show
    1. Re:Dreamhost by attaboy · · Score: 1

      Referral link seems broken. Sorry about that! Working link


      --
      The facts have a liberal bias. --The Daily Show
    2. Re:Dreamhost by Tayknight · · Score: 1

      I second DreamHost. Never a problem. Great support. Great features (that get better all the time). Not financially tied to the company, just very, very happy.

      --
      Pair up in threes. - Yogi Berra
  8. $60 Dedicated box.. by slashkitty · · Score: 3, Informative

    I think running it yourself is the way to go. You can get dedicated boxes in the $50 to $60 range.. like at managed.com ...

    --
    -- these are only opinions and they might not be mine.
    1. Re:$60 Dedicated box.. by jshare · · Score: 1
      managed.com has the best pricing I've been able to find. And, they'll preinstall debian 3.0, RH9, or FreeBSD 5.1 for you.

      And their Acceptable Use Policy is very reasonable, with no draconian restrictions on "streaming", or running p2p software. A friend of a friend wanted to distribute her (original) mp3 and music video. I thought, "Sure, we'll just put it up on my server, and use bittorrent to save bandwidth."

      Ah, how foolish I was. The hosting provider is actually blocking about 200 ports (including the BitTorrent ports), something that isn't mentioned anywhere in the TOS or the AUP. Also, the AUP prohibits "streaming" of music or videos. When I asked how to distinguish between "streaming" and "downloading" (which it does permit), they told me, "If IE prompts you to save, then it is downloading, if it just opens up in WinAmp, then it is streaming."

      If I weren't in with a group of people splitting the cost, I'd have dropped them then and there. Those are the most ridiculous restrictions I've ever heard, and completely against the whole idea of having "your own server". It's like finding out you bought a lemon.

      I'm literally paying for bandwidth. If I can't do what I want with it, what is the point?

      BTW, the terrible company I've been talking about is ServerBeach. Seriously, they cost $99/mo, and they have terrible (unmentioned in the AUP, or ToS) policies.

      P.S. I do understand, and accept, the "no IRC" rule that most hosting places have. That's just asking to be DDoS'd.

    2. Re:$60 Dedicated box.. by Mr.+Darl+McBride · · Score: 1
      I knew it was server beach before you mentioned it.

      You know that you can run the tracker and torrent client on nonstandard ports, right? I had ServerBeach for about six months before moving on to something cheaper. I ran Bittorrent on high ports non-stop and they never knew. I blocked outbound connections to the common Bittorrent ports on my machine and let machines on those ports connect to me instead. No sweat.

    3. Re:$60 Dedicated box.. by jshare · · Score: 1
      I knew you could move the tracker's port, but I didn't know that you could move the client.

      I just wanted to save them some bandwidth by using bittorrent instead of http. Their AUP doesn't even expressly prohibit it. By the way it's written, it looks like it prohibits the use of p2p or streaming "which negatively impact" their customers.

      And yet they just go ahead and block the ports.

      Without telling you.

      And argue with your nmap scan, saying "I just scanned it from home, and I don't see any of the blocked ports you are talking about."

      Grr. Now I'm pissed off again.

  9. Sneak Adverts? by aburnsio.com · · Score: 4, Funny
    Is this a question or an advertisement for pghoster.com? If you've got a product you want to advertise to the slashdot community, it's relatively simple to come up with a "question" that subtly advertises your product. Free advertising; all you have to do is submit a "question". The Big Corps are gonna love it!

    Posted by CliffAdverts4U on Wed March 17, 09:20 AM
    from the how-much-did-they-pay-VA-Software-for-this-dept.
    RandomMarkter asks: "Hey, I heard Coca-Cola(TM) is a great, refreshing, tasty beverage that seems to be just what I'm looking for, have you tried one lately? I've also been thinking about grabbing a bite to eat while hacking, and I found a website for Pizza Hut(TM), has anyone else heard of this company? I've got to pay for it somehow, I was thinking of getting a MasterCard(TM), which has a fantastic new low introductory APR of only 9.99%, what should I do?"
    1. Re:Sneak Adverts? by Jahf · · Score: 1

      Nah, you'd never see Coke and Pizza Hut advertised together for corporate reasons. Besides we all know that RC is the best.

      --
      It is more productive to voice thoughtful opinions (reply) than to judge (moderate) others.
    2. Re:Sneak Adverts? by skrysakj · · Score: 1

      Sadly, it's not. If I thought that the company I listed in my submission was viable (pghoster), I wouldn't be posting to Ask Slashdot in the first place.

      I could list other companies I have contacted (FatCow, DyNi.net, etc...) just to make sure other people don't recommend places I've already looked.

  10. Forced Spam Filtering? by Goo.cc · · Score: 2, Interesting

    I'm sure that I am in the minority here but I don't like hosting providers that force a spam filter on me (although the option of using one is a nice feature). I want to receive everything sent to me.

    Let me decide what is spam.

    1. Re:Forced Spam Filtering? by attaboy · · Score: 1


      I agree. My host had Razor installed for free, so I activated it. It just prepends "[SPAM]" to subject lines of suspect messages. So far a lot of false positives.

      --
      The facts have a liberal bias. --The Daily Show
  11. What's the point of encryption? by david.given · · Score: 2, Insightful
    ...considering that all the email will have been delivered across the 'net by insecure, plain-text SMTP anyway? All you need is secure authentication via CRAM-MD5 or some such thing. There's no real need to go for a fully-fledged SSL connection just for email.

    (Unless, of course, its own personal 'net connection is compromised, but then it has bigger problems.)

    1. Re:What's the point of encryption? by Anonymous Coward · · Score: 2, Informative

      The point of encrypted POP3 or IMAP is not to encrypt the email, but to encrypt the password, which would otherwise pass in the clear.

    2. Re:What's the point of encryption? by Permission+Denied · · Score: 1
      The point of encrypted POP3 or IMAP is not to encrypt the email, but to encrypt the password, which would otherwise pass in the clear.

      You'll note that the parent mentioned that CRAM-MD5 is sufficient for protecting passwords.

      How CRAM-MD5 works: server generates a random string and sends it to client along with a timestamp. Client takes random string and password and uses them as a key to a keyed hash function to compute the digest of the timestamp. Client then sends digest to server, which performs the same operation and compares the result.

      The idea is similar to other digest authentication protocols except that it uses a keyed hash function to hash a known string rather than hashing a concatenation (or XOR or whatever) of the password and the random data with a traditional, non-keyed hash function. Apparently, the keyed MD5 hash provides better cryptographic security, but protocol-wise, the result is the same: only a digest is transmitted and the digest cannot be replayed. The security of the system depends on the non-reversibility of the hash function.

      The parent poster makes an excellent point that SSL is rather overkill for POP/IMAP since CRAM-MD5 can protect your password and you gain little encrypting all the traffic as most smtp is clear-text. I've seen smtp servers that require START-TLS for receiving all mail, but these were accidentally misconfigured smtp servers that were not receiving the majority of mail for users. The CRAM-MD5 rfc points out that this still doesn't prevent tcp session hijacking (which ssl does prevent), and one can spoof a server without the PKI ssl implements, but I wouldn't worry about either of these points when reading email.

      Details in rfc 2195.
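
Added example, not part of the post above or of any poster's code: the exchange as RFC 2195 specifies it, where the shared secret is the HMAC-MD5 key and the server's challenge string is the message. `Server` is a hypothetical toy verifier, and the hostname, user and secret in `demo()` are constructed.

```python
import base64
import hashlib
import hmac
import secrets
import time


def make_challenge(hostname: str) -> str:
    """Server side: fresh challenge in the <random.timestamp@host> form."""
    return f"<{secrets.randbelow(10**10)}.{int(time.time())}@{hostname}>"


def cram_md5_digest(secret: bytes, challenge: str) -> str:
    """HMAC-MD5 keyed with the shared secret, computed over the challenge."""
    return hmac.new(secret, challenge.encode("ascii"), hashlib.md5).hexdigest()


def client_response(user: str, secret: bytes, challenge_b64: str) -> str:
    """Client side: decode the challenge, reply with base64('user digest')."""
    challenge = base64.b64decode(challenge_b64).decode("ascii")
    digest = cram_md5_digest(secret, challenge)
    return base64.b64encode(f"{user} {digest}".encode("ascii")).decode("ascii")


class Server:
    """Hypothetical verifier: one outstanding challenge, used at most once."""

    def __init__(self, hostname: str, secrets_by_user: dict):
        self.hostname = hostname
        self.secrets_by_user = secrets_by_user
        self.pending = None

    def issue_challenge(self) -> str:
        self.pending = make_challenge(self.hostname)
        return base64.b64encode(self.pending.encode("ascii")).decode("ascii")

    def verify(self, response_b64: str) -> bool:
        # Consume the challenge first so a response can never be checked twice.
        challenge, self.pending = self.pending, None
        if challenge is None:
            return False
        try:
            decoded = base64.b64decode(response_b64).decode("ascii")
        except ValueError:  # bad base64 or non-ASCII payload
            return False
        user, _, digest = decoded.rpartition(" ")
        known = user in self.secrets_by_user
        # Compute a digest even for unknown users, then compare in constant time.
        expected = cram_md5_digest(self.secrets_by_user.get(user, b"\0"), challenge)
        return hmac.compare_digest(expected, digest) and known


def demo():
    """Constructed run: a valid login, then the same response replayed."""
    server = Server("mail.example.test", {"alice": b"constructed-secret"})
    challenge = server.issue_challenge()
    response = client_response("alice", b"constructed-secret", challenge)
    first = server.verify(response)
    server.issue_challenge()           # next session gets a new challenge
    replayed = server.verify(response)  # captured response no longer matches
    return first, replayed


if __name__ == "__main__":
    print(demo())
```

To recompute the digest the server has to keep the shared secret (or an equivalent of it) rather than a one-way password hash.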

  12. Well, if you can deal with separating them... by amarodeeps · · Score: 1

    ...then you might want to check out Terabolic.com's service:

    https://secure.terabolic.com/signup/indexsingleemail.php

    Looks like they have what you want for email, and it's pretty cheap--$39.95 a year. That is, if you're willing to pay for email separate from hosting.

    In addition, it seems that Terabolic's email service is free of 'Poopyhead' and 'MegaCorp Suckage,' while still managing to be 'Magical.' What more could you ask for?

    ANTI-DISCLAIMER: I have never worked for Terabolic, nor have I actually tried their email service. Caveat emptor.

  13. Beaten To The Punch by tomblackwell · · Score: 1

    I was just going to recommend Rus's company. They have a very solid reputation in the Web Hosting world.

  14. root route by Dr.+Smeegee · · Score: 1

    rootroute.net

    A remarkable amount of stuff for not a lot of money hosted on OpenBSD. Nice folks too.

  15. SSH: The poor man's VPN by Goyuix · · Score: 1

    Have you thought about using SSH and tunnelling ports 110 (POP3) and 143 (IMAP)?

    I have seen adverts in the past for hosters giving you shell access, and you can bet they are using SSH to administer the boxes as well...

  16. HostNexus by Mizery+De+Aria · · Score: 3, Informative

    HostNexus offers several shared hosting plans as well as monthly promos in which any monthly promo can be used at any time. I am not sure about the dedicated IP, but you can always ask about it on their forum, which is for socializing as well as customer support. You can also email them for support or use their trouble ticket system. The forum is convenient for most issues. HostNexus uses Plesk and offers CPanel as well. Take a look at their services and feel free to post on the forum. By the way, I am not affiliated with HostNexus other than being one happy customer. Other features, such as SPAM filters, control panels, PHP, MySQL are all 'standard' but I just can't seem to find a company that offers that extra mile for paranoid security freaks such as myself."

    --
    If you're religishitty, KILL YOURSELF!
  17. How About Good Webmail Hosting by Llama+Keeper · · Score: 1

    I've been looking for a good place to park WebMail for several domains that I administer. I need optional spam filtering, good antivirus, and blocking of selected attachment types. I'd also like a decent pricepoint on this.

    Anybody out there in Slashdot land have suggestions for me?

    Thanks

    LlamaKeeper

    --


    Rule of Life Number 2: Remember, it can all go to hell at any minute. --Jimmy Buffet
  18. It's not pimping ... by fm6 · · Score: 3, Interesting
    ...if you're honest about it being your own service, and about what the service offers.

    JVDS sounds like it would be a good option for skrysakj, since his main reason for avoiding dedicated hosting is the expense. He assumes that a non-dedicated solution means he has to take what the provider gives him. But a UML provider lets the customer have it both ways -- the cost structure is like a shared provider, but the level of flexibility is like a dedicated provider. Which should appeal to a lot of people.

    On the other hand, cost is not always the crucial issue. Even if you can afford a dedicated box, you may not want the hassle of administering such a system. Even if the provider delivers a nice turnkey solution (as you do), the whole point of having a dedicated system is being able to install your own stuff. But if you do that, you better be prepared, skillwise and timewise, to maintain that stuff. And not all of us are.

    I personally would much prefer to have a provider that does all the donkey work for me. The problem with that is the provider always seems to have priorities that are not quite compatible with mine.

    The closest I've come to an ideal shared provider is DreamHost, where I currently host my web site. The big points: even low-end accounts get shell access (often an expensive extra, if it's available at all), IMAP (most providers consider POP sufficient), and being CGI friendly (maybe a little too friendly). But:

    • They insist that users keep their mailboxes small to avoid overburdening the mail server. This is enforced by a script that moves old messages from the mailbox to a regular file. Makes sense costwise, but it also defeats the main purpose of using IMAP -- having a central mail repository that you can easily access from multiple clients and systems.
    • They support SSH and encourage people not to use telnet or ftp. But their web console doesn't include any key generation utility. So you have to do it on the command line. Which, since I don't do it very often, I have to study up on each time. A real pain.
    • They're still on Perl 5.6.1, which has a lot of libraries that aren't taint-safe. They currently have no plans to upgrade to 5.8, citing massive version dependencies in their own software. Less of an issue, as I've learned more about writing secure CGIs, but it bothers me that their Perl is 3 years old.
    • A lot of their docs suck. Plus it's all on SSL pages, which can be darned inconvenient.
    I'm sure people can point me to other providers that do better than this on one or more points. I've found a few myself. (Love Google!) But taken as a whole, I've never found anybody who does even as well as Dreamhost. They solve some of the above problems but not others. They charge too much. They don't do IMAP. CGI support is iffy.

    I'm pretty impressed with SourceForge. But they don't do web hosting except as a part of their overall service.

    Oh well.

  19. Try OpenHosting by gtrubetskoy · · Score: 2, Informative

    Try here

    We provide VServer based virtual servers and by default we provison them with IMAP and POP SSL-enabled only.

    As a side note - I've been using SSL for IMAP since 1997 or so and I cannot believe there still are people using unencrypted POP/IMAP, but there are. If you ever happen to be sitting with a laptop at a corporate meeting, one where everyone plugs into an old ethernet hub in the middle of the table, it is always a lot of fun to fire up a sniffer to get all the passwords from the non-technical people at the table checking their e-mail (probably using Outlook too). Then you blurb out the password in the middle of a conversation and watch the person's reaction. (Be careful - what may be interpreted as a harmless joke in the late nineties, these days will probably get you fired!)

    1. Re:Try OpenHosting by /dev/trash · · Score: 1

      And how do you login to your ISP? With SSL?

    2. Re:Try OpenHosting by gtrubetskoy · · Score: 1
      And how do you login to your ISP? With SSL?

      This is where the Virtual Servers come in, and this is an excellent example of why I think everyone should have one - you become your own ISP for about the same price.

      Why pay someone to host your mail or any other data in a way where it cannot be accessed securely when you can get your own Virtual [Dedicate/Private] Server and install the mail/web/whatever server of your liking and configure it the way you think it should be?

    3. Re:Try OpenHosting by /dev/trash · · Score: 1

      About the same price? How?

  20. Luxsci.com by ncl2fth · · Score: 2, Informative

    Has SSL POP3/IMAP email services. Excellent.

    Marc

  21. Why would a "paranoid security freak" by Anonymous Coward · · Score: 0

    Trust a server running a control panel?

    Seems you'd want to limit the amount of (most likely) insecure software running.

  22. What about SSH forwarding? by halosfan · · Score: 1

    It would probably be easier for you to find a provider that gives you ssh access. Then you can use SSH forwarding to establish an encrypted channel between your mailreader and POP3/IMAP server. SSH forwarding is a great SSH feature that you can use for a variety of other neat setups. Try ssh man page for more details.

    --
    My only problem with Microsoft is the severity of bugs in their software.
  23. Postfix - enable opportunistic encryption by bill_mcgonigle · · Score: 0, Offtopic

    ...considering that all the email will have been delivered across the 'net by insecure, plain-text SMTP anyway?

    It's a good point, but the right thing to do is to fix the SMTP end, then the SSL matters.

    I was surprised how easy it was to enable opportunistic encryption under Postfix after it was set up for TLS SMTP sessions. Watching the logs was surprising - a large number of sites will actually negotiate TLS SMTP sessions given the chance.

    So if you're a postfix admin and a freedom-loving cypherpunk, get this turned on for the good of mankind.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  24. BSDHosting.net by ibbey · · Score: 1

    BSDHosting.net offers all of these features on all of their packages, starting at $4.95 (except no dedicated IP's on the cheapest packages). I've had a Root Server with them for about a year now and I've been extremely pleased. Their service is the best I've ever had from any hosting provider. I can't recommend them highly enough.

  25. Wow is this slashdot? Or spamdot ? by Anonymous Coward · · Score: 0

    WTF? Why is everyone and their mother plugging stupid hosting they run here? This is SLASHDOT not SPAMDOT. Fark off.

  26. shameless plug by hellraizr · · Score: 1

    no harm in this... TimeHost Webhosting provides everything you want. dedicated ip addr, imap-ssl, apop, shared ssl cert for your site, php, cgi, mysql, live free phone support with no hold times, 100% linux shop. for as low as $7.95 a month. I'm not an ad-bot, just an ex employee that knows very well the value this company provides. also ded svr's for $69/month. if this thread is still alive, go ahead and click the link, they can survive a slashdot'ing, proof enough :)

    1. Re:shameless plug by Anonymous Coward · · Score: 0

      Go fark your self and take your 10$ monster template with you loser.

    2. Re:shameless plug by Anonymous Coward · · Score: 0

      Too expensive! Only one pop email account for 7.95 a month? Lame...