Things To Look For In a Web Hosting Company?

v1x writes "I have had an account with my current web hosting company for a few years, with 3 domains being hosted there (using Linux/PHP/MySQL). Recently, all three of these websites stopped functioning, and upon checking the site, all my directory structures were intact, whereas all of the files were gone. Upon contacting their technical support, I was given the run-around, and later informed by one of their administrators that none of the files could be restored. Needless to say that I am looking for a different web hosting company at this point, but I would like to make a more informed choice than I did with the current company. I have read a similar Slashdot article (from 2005) on the topic, but the questions posed there were slightly different." Reader mrstrano has a similar question: "I am developing a web application and, after registering the domain, I am now looking for a suitable web hosting provider. It should be cheap enough so I can start small, but should allow me to scale up if the web site is successful (as I hope). The idea is simple enough so I do not need other investors to implement it. This also means that I don't have a lot of money to put on it at the moment. Users of the website will post their pictures (no, it's not going to be a porn website), so scalability might be an issue even with a moderately high number of users. I would like to find a good web hosting provider from day one, so I don't have to go through the pain of a data migration. Which web host would you choose?"

Things I look for

[symbolset]

Do they use Linux only? I only want Linux hosting, and mixed providers are always trying to push you over into Windows hosting because they're being incentivized to do so. I've been around and don't need to hear that pitch again.

Effectively unlimited domains, bandwidth, storage and MySql databases, email accounts, FTP accounts - multiple user accounts I can lock down to one domain or folder for these because I might want to job out management for a domain or subdomain. Because I never know today what I'm going to be using it for, and this is a long term relationship that's challenging to get out of.

Cheap domains - under $15 a year. As many as you want on one hosting account, because I collect them as a hobby.

PHP, Perl and Python of course.

Ease of migration away. I figure if there's a button on their interface to release my domains to another registrar they'll try and keep me with good service rather than difficult migration.

Reasonable policies about certificates and dedicated IP addresses. Because I might want to open a store.

Reasonably easy and flexible setup of web apps, because I might want to run a package. Self-help configuration because I'm always fiddling with things after business hours.

I like BlueHost. No, I don't work for them but they've been making me happy for quite a while.

Re:Things I look for

[TooMuchToDo]

Effectively unlimited domains, bandwidth, storage and MySql databases

Be somewhat realistic. Not even Google provides unlimited storage space for their services. You get what you pay for.

Re:Things I look for

[LostCluster]

Yep. All hosting resources are finite, so anybody offering anything "unlimited" is clearly overselling what they have. I'd look for somebody who quotes a higher-than-I'll-ever-need number as proof that they're limiting potential hogs.

Re:Things I look for

[samkass]

For $15 a year you're not going to get a world-class hosting service. If you look at the hosting providers that mon.itor.us show above 99% uptime, you tend to see similar names every year. Pair.com is my favorite-- they always have great performance and near-perfect uptime. I've been using them for 12 years or so and I've never seen my site down for one minute. They're not the cheapest, but the poster didn't sound like he was looking for the cheapest-- he wants the ones that's reliable and that he won't have to worry about, ever.

(I don't work for them, just a happy customer.)

Re:Things I look for

[ircmaxell]

Read the fine print when you sign up for an unlimited account. I've seen "unlimited bandwidth" accounts that were capped by the 1.5 mbps uplink to the internet. Sure, it's "as much as you can fit out over our pipe", but the question to ask is how big that pipe is. Same goes for disk space. Same goes for CPU time. Actually, CPU time is the bigger resource, since more often then not, you'll get an angry call saying "pay more, or we'll shut off your site for excessive cpu usage"... Unlimited is just an advertising term. There are so many other limitations on it, that the advantage is on the side of the hoster.

That being said, I much prefer a VPS (Managed or unmanaged). Sure, it'll cost a few $$$ more, but you get everything spelled out in advanced. You get an x% share of a y CPU box guaranteed. You get a z mbps uplink, and i gb of san based disk storage. Plus, with a VPS, if your site does grow, you can just increase the vm's specs up to 1 full server without having to migrate (assuming a decent host)...

Re:Things I look for

[soundguy]

If you really expect "unlimited" resources for a trivial amount of money, you're a clueless cheapskate and no reputable hosting company wants you as a customer. Companies that advertise "unlimited" anything have mountains of fine print in their TOS. If you become inconvenient to host because you actually believed their line of bullshit on the front page and attempt to use large amounts of disk space or bandwidth, your account will be deleted for any number of petty excuses like excessive CPU cycles or memory usage.

Also, domain registration and web hosting have nothing whatsoever to do with each other. Any hosting company that tries to tie the two together as one product is scum and should be avoided. Go register your domains with any Enom or WildWest (GoDaddy) reseller and then go get your hosting somewhere else.

Remember, shopping for hosting on price is a fools game. SLAs and quality service cost a shitload of money. If you don't pay for them, you won't get them.

Re:Things I look for

[xous]

Hi,

As a systems administrator at a hosting company I'd suggest you do the following:

* Use a 3rd party registrar. A real registrar not a reseller of a reseller of a reseller of a registrar. Do not keep domains that have any value with your hosting provider.
* Use a 3rd party backup service. Do not depend on your hosting providers backups.

Those are the two biggest mistakes I see customers make all the time.

Since you haven't really given us anything to work with regarding bandwidth, space, and resource usage I can only provide generalized suggestions.

Research the hosting company.
* Real legal entity for the company.
* Own their own data center (preferably date centers) or at the very least hosted in a respectable DC.
* Read customer reviews. Your not looking for a perfect score. I'd find that suspicious. Don't heavily weight reviews either way as every hosting company pisses off some warez kid and some companies that I've worked for previously have paid staff to post good reviews. One in particular even owns and hosts their own promotional sites while setting the setup the site to appear as a happy customer's site.
* Talk to their support/sales staff. Ask questions that are difficult.

Pay more than $6.99/mo or whatever the current gimmick for unlimited everything plus the moon.

Do you really want to know why?

Average hosting company pays front of the line employees around $8/h. Most of these are horrible techinicians.

Let's say you put in 6 tickets a month. You've effectively cost them $1.01 for that month.

Now lets say this company has semi-competent technicians at $16/h which you buy you about 25 minutes of tech time per month. This doesn't even factor in hosting costs which aren't cheap.
 

Cut to the chase picture "website"

You're going to run a *chan site..

NearlyFreeSpeech.net

[Stile+65]

I've had great luck with http://nearlyfreespeech.net/ - they're security-conscious, anti-spam, pay-only-for-what-you-use, and I like their political pro-privacy and pro-free speech stance. I have a feeling most of the people here at Slashdot would be very comfortable with them. They run FBSD, not Linux, but it's really not that huge a difference for web development.

Make sure you read the caveats about what will and won't work with their service. Things like Django and RoR won't really work because of the need for a persistent process, and they don't yet have support for cron jobs (but they're working on it - it's difficult because of the way they're set up). OTOH, MVC frameworks for PHP like CodeIgniter will work just fine, and they've got Catalyst installed for Perl coders. They do make it very clear about what they do and don't support, though.

Re:NearlyFreeSpeech.net

[clarkkent09]

Read Error. Your request could not connect to the correct web server. This typically occurs as a result of a temporary outage or problem on our network....Generated Mon, 22 Feb 2010 08:06:41 GMT by vhost.phx4.nearlyfreespeech.net (squid/2.7.STABLE7)

I'd expect my hosting company's website to be a bit more immune to slashdotting.

Re:Better than shared hosting...

[mrsteveman1]

Second the linode recommendation. The staff are responsive and even proactive if there is a potential issue with their servers, and the management system is simple without being restrictive. We recently started using our own kernel, because you can.

They score highly in performance benchmarks as well, which I can verify from over a year of managing 6 linodes, they're really fast.

http://journal.uggedal.com/vps-performance-comparison

DreamHost

[agrif]

I have had a good experience with DreamHost. Their support is snappy and helpful, and the people who work there seem generally kind. They have a fine set of dreamhost-specific howtos maintained on their wiki, and a powerful but easy to use panel for administration.

They run linux boxes with the full complement of command line tools (with compilers and everything!), and the only restriction is no persistent processes. If you want to do that, you can buy their pricier private server option which gives you your own private server instance.

They have some great terms of use (as far as storage and bandwidth are concerned), and their prices are reasonable. I got a great deal a while back on two years of hosting, and now I'm hooked on the service.

Make sure you go over the contract very carefully

[efalk]

Hoo boy, the stories I could tell. Actually, I can't, because the hosting provider threatened to sue us if we named them publicly.

OK, first, if there's more than a couple of servers involved, and your business depends on it, use two or more different providers. If you only have one provider, it puts them in a position to screw you. When we terminated our relationship with our provider, they held our data hostage until we paid them an additional $15,000 to put our servers on line again long enough for us to copy our data.

Which brings us to: DO YOUR OWN BACKUPS. Service providers either don't do them, or they don't do them right. The world is full of horror stories of customers paying the data center extra for backups, and then finding the backups were never actually done. And even if they do do backups, they maintain control of them, which puts them in a good position to extort you.

Remember, the practice of holding your data hostage goes back a long way. Happened to my father's company back in the 70's mainframe days. It still happens.

Most important of all: have a professional go over your data center contract with a fine-tooth comb. The default contract they'll give you (or at least the one they gave us) is highly abusive.

For instance: if you don't explicitly terminate a contract at the end of its period, it's automatically renewed for another 18 months. You need to give 2 months notice before the end of the term before canceling. There is no early termination. If you so much as upgrade a single disk drive, the contract is automatically renewed for another 18 months.

Here's a doozy: our contract specified that if a server went down, they would either fix or replace it within two hours of determining the problem. The catch: they merely have to say that they haven't determined the problem yet, and then they don't have to replace anything. Our main server was kept off-line for a month this way.

Don't lose your files...

[maiden_taiwan]

No matter which provider you choose, never depend on them for backups. Keep your originals locally and copy them to the webserver. Rsync is a great, effortless tool for this kind of synchronization. If you're maintaining SQL databases on the webserver, back them up at least daily with cron and download the backups. A few simple scripts will work wonders for your protection and your sanity.

as a (now former) web host system admin...

[bsDaemon]

I was a system admin for a while at a web hosting company, though I left in December for another company in a different sector. Quite frankly, the experience of the OP isn't that unusual. Hell, some of people on my team would accidentally nuke fully-dedicated servers and then tell the customer that it was "russian hackers" or a "raid failure" instead of just owning up to it. More often than not, I was the one getting stuck taking the call and trying to make things right, which is one of the reasons I got out of there.

We all know shit happens, and accidents can occur. That doesn't excuse not owning up to it when they do. In the case of the russian hacker excuse, the admin who came up with that gem tried to tell the senior admin that's what happened, too. When he found out that he was lied to, he pretty much went ballistic.

That said, check the following stuff:

1) if they are advertising "unlimited bandwidth," what's the actual throughput that they're allowing -- especially if they phrase the actual offer as "unlimited data transfer." Bandwidth usage is tied to memory usage, especially in the monitoring tools that come on cPanel-enabled servers, and so if you're pushing a lot of data it can spike your memory usage and

2) if they'd advertising "unlimited disk space," what are the limits at which their backups stop, if any? whats the amount of disk space? if you're doing shared hosting, which hopefully you're not, then that affects whether or not your account ends up getting moved, at least where I worked, a lot of the job on overnight rotations was moving accounts for disk space management.

3) what are their resource policies? On shared servers, we'd kick people for using more than 1% of CPU, generally. On a VPS, it could get a little higher.

4) if you're looking for a VPS, check what platform they're using for hosting, whether its Xen, VZ, etc. VZ doesn't track memory internal to the container, or really allow for swap space, etc. So, if you were buying a 256M plan from us, you'd really get 1024M memory segmentation which was the "burstable," but memcached would leak out and suck up RAM from the whole server if it weren't installed right (and a lot of people in my department didn't know this or didn't care). If you plan on using something like memcached, you'll want a hardware dedicated server, or a sufficiently large Xen container.

5) super-double check backup policy. We wouldn't back up dedicated servers, for instance. Backups could be configured to push to our array for a fee, or we could turn on local cpanel backups on the server, but if the disks really did go bad then you'd still be fucked if you weren't snapping copies back to yourself via FTP and keeping them local. If you're looking for a VPS or shared hosting, then make sure you know the backup rules -- how much data, and how it gets backed up. For instance, our setup used rsync over an NFS mount, which meant that we'd have a copy of the latest of everything that was there when the backup ran, but if something was corrupted before the backup, we'd have a backup of a broken file.

Some recommendations of companies other than the one I worked for, which I've used for various things and liked well enough are Slicehost and RootBSD. They're both Xen-based, allow a really high level of autonomy, etc. Slicehost pretty much lets you do everything yourself. You can go from no server to vps with root in about 5 minutes with no human interaction. RootBSD takes a bit longer to get set up, but their support people were always really helpful to me, and the added benefit of not being Linux-based, but using FreeBSD though OpenBSD is also a custom option as well.

Re:Try Webfaction. Here's why:

[rotide]

I'm a random slashdot poster and just an fyi.

Your whole post was pretty much void after you linked your referral link. The fact that _you_ get benefits from people signing up makes me think your review might be biased.

I mean, if you don't sell me on their service, I'm not going to give you your referral bonus.

Simple point, if you really want people to trust your review, don't post your referral links.

Again, that was just my opinion on your post, I'm not saying you're wrong.

A different viewpoint

[stonecypher]

1) Failures will happen. Design for them. Have at least two hosts, in significantly different physical locations. If a host gets hacked, if their backups were silently failing, if they go out of business without warning like RedONE did, if they get hit by natural disaster, et cetera; there just isn't anything you can do to isolate from that. Redundancy is key.

2) Ask hosts about their backup policy and strategy, as well as their redundant disk setup, before you get started. It's not a perfect answer, but it gives you a decent sense of how on the ball they are - if they're spending for the extra disk space, then they're probably not cheaping out other places either.

3) A week or two in, request a backup restore. You don't have to make up a failure or anything; just say you've had problems with hosts lying about backups in the past, and you want to make sure you're on good ground. Make some changes to your setup beforehand every 10 minutes on a cron, so you know how old the backup is when it's restored.

4) Ask about gotcha policies like how they handle over-bandwidth (free day, shutoff, charge per unit, etc) and so forth. That'll give you a sense of how they'll behave if/when problems happen.

5) Expect problems to happen. The engineering overhead of replication isn't that big these days, and the cost of not having it is immense. Furthermore, in addition to replication, which secures against failure, also have backup, which secures against attack. Backup can be by FTP to one of those cheapo shared hosts that don't care about disk space, but it needs to be at a distinct third location.

Basically, don't try to find a host that won't have problems. You'll find Santa Claus sooner. Parts fail, people make errors, people do shady things, attacks are made, natural disasters and backhoes happen, et cetera.

Just have a contingency plan in place. If you can handle a failure, it's no longer a critical problem. It's usually cheaper to have three normal hosts than one super duper bullet proof host. Leverage economy. The internet is designed for handling the failure of cheap parts through massive redundancy.

Leverage that. It's the smartest thing in network history.

Avoid NearlyFreeSpeech.net

[gHT9]

Nearlyfreespeech is not for everybody. I used to recommend them, but not anymore.

Here are the advantages:
* low cost, especially for tiny sites
* SSH included, no bullshit regarding that

Disadvantages:
* php and mysql performance is very slow. the servers are overloaded
* ssh is very slow. there is lag between every command. This is especially noticeable when using sshfs
* sometimes there is lag for simple page loads
* no cron, no https, several little things you may have come to expect from a host are not provided by NFSN
* reliability: a couple of times a year, NFSN will make some arbitrary change that may cause your sites to go down. The first time, the permissions on all of my files changed in such a way that the web server could not access them, and I had to manually change them back. The last time, symlinks stopped working, and I had to find every one, delete it, and recreate it.
* reliability: I don't think NFSN even has 2 9's. (ie less than 99% uptime). When NFSN is down, they still charge you for storage, but not bandwidth. This is fine for them, but might not be for you.
* NFSN is a one-man LLC, named Jeffrey Wheelhouse. If you ever need to deal with support, you will notice that this guy is a self-righteous asshole. Just look at the forums, and his responses. I wouldn't usually consider this a problem, but because NFSN is so buggy, you will have to deal with this man eventually.

Re:Avoid NearlyFreeSpeech.net

[WK2]

I second the motion to avoid NFSN. Sometimes cheap can be really great, like Google search. But NFSN is just plain cheap. Also, NFSN has recently raised their prices, so even medium sized sites will end up paying the same amount they would for a decent service, but I doubt that NFSN has improved their service at all.

Go dedicated.

[Pteraspidomorphi]

Shared hosting is like like living in a small house with fifty strangers. All of you have a job that requires you to go in and out all the time. And there is only one door.

Go for a cheap dedicated and unmanaged server and carefully manage your own backups. Watch out for 95% billing if you have any real traffic needs. Look for reviews in forums like webhostingtalk, not review sites. As recommended by an earlier commenter, look at the nameservers and make sure you are buying from the actual provider and not a reseller. Look at the upstream providers of your selected server provider, tier-1 ISPs are good, as well as lots of bandwidth between your chosen ISP and the internet, and a good SLA. Avoid "shared 100mbps". Look for extra costs you may have to pay before actually making a contract - For example, many providers will charge ridiculous amounts of money for extra IP addresses or extra domains in some stupid exclusive control panel (*cough*Plesk*cough*). A good domain name registrar is name.com. A bad domain name registrar is godaddy. Buying your domain name from your server host is unthinkably stupid.

Backups

[bradgoodman]

I used Webintellects - for several years. One day they had a hardware failure which took down my server. When they restored it - their backup process was found to be...lacking. They could only restore my site from a ONE YEAR OLD backup!

Long story short - If the data is critical - trust no-one - use multiple different sources which you control for the data!

Re:Try Webfaction. Here's why:

[Mantic]

That wasn't a review in some non-biased comparison between multiple hosts. It's my biased opinion.

I'm not a professional critic trying to be as non-biased as possible. I rather like Webfaction and think it's worth a shot. If you shared something really cool that I ended up purchasing, I wouldn't hesitate to give you credit. That's what the whole referral business is for.

A snake-oil thing to do would be if I tried to trick people into clicking the link. Instead, I offered the referral option AFTER posting a direct link to their site.

"I mean, if you don't sell me on their service, I'm not going to give you your referral bonus." Exactly, hence my disclaimer "If you DO decide to join, don't be afraid to use me as your referrer." Besides, I believe the bonus is only for those who register an account. Clicking does nothing for me.

Anyway, thanks for your honesty!