[email protected] Posted March 10, 2003 Share Posted March 10, 2003 Looking for a web hosting company to handle, what else, an osCommerce site. Key requirements: - Low cost (assuming shared server) - Linux or Unix shell access - Daily backups (file and DB) - Assuming php will run su'ed in cgi environment (due to security) - SSL for entire site - Billed in US$ Reponses will only be considered via email to [email protected] :) Larry Cannell [email protected] Link to comment Share on other sites More sharing options...
mikeputnam Posted March 12, 2003 Share Posted March 12, 2003 I concur. What should we look for in a host? Any specific recommendations? Reponses will only be considered via email to ... I would prefer responses be posted here! Link to comment Share on other sites More sharing options...
mattice Posted March 12, 2003 Share Posted March 12, 2003 I would prefer responses be posted here! That's not allowed... read the forum rules: No commercial postings. So e-mail / pm only :D Mattice "Politics is the art of preventing people from taking part in affairs which properly concern them" Link to comment Share on other sites More sharing options...
mikeputnam Posted March 12, 2003 Share Posted March 12, 2003 I would prefer responses be posted here! That's not allowed... read the forum rules: No commercial postings. So e-mail / pm only :D Mattice I see. Could you direct me to a list of host requirements to run osCommerce? Link to comment Share on other sites More sharing options...
toolcrazy Posted March 12, 2003 Share Posted March 12, 2003 I see. Could you direct me to a list of host requirements to run osCommerce? Web server, prefer Apache, but will work with all PHP enabled servers PHP mySQL If you want a host recomendation, PM me. Steve ------------------------- Link to comment Share on other sites More sharing options...
mattice Posted March 12, 2003 Share Posted March 12, 2003 Like Toolcrazy said: * php4 (with register_globals enabled) * mysql And for your own comfort you might want one that offers shell access. Apache / Linux is a pre IMO but that's a personal taste. HTH Mattice "Politics is the art of preventing people from taking part in affairs which properly concern them" Link to comment Share on other sites More sharing options...
Acronym B.O.Y. Posted March 13, 2003 Share Posted March 13, 2003 Like Toolcrazy said:(with register_globals enabled) Which is something you can usually do yourself in htaccess, even if by defualt (like the latest version of php) its turned off. More importantly, you want uptime gaurantees, an aggressive SLA, 24/7 support, and competant techs! Link to comment Share on other sites More sharing options...
mattice Posted March 13, 2003 Share Posted March 13, 2003 More importantly, you want uptime gaurantees, an aggressive SLA, 24/7 support, and competant techs! If you are serious about business get a dedicated server, nothing less. "Politics is the art of preventing people from taking part in affairs which properly concern them" Link to comment Share on other sites More sharing options...
[email protected] Posted March 13, 2003 Author Share Posted March 13, 2003 Unfortunately, the choice to use a dedicated server is not always so clear. There are many "serious" businesses for which the use of osCommerce on a dedicated server doesn't make sense. Perhaps a business is just starting out, doesn't expect high enough volume, etc. But, I understand where you are coming from. Let's not forget that the use of a osCommerce is a business decision and not just a technology decision. Shared environments are more cost effective and, therefore, have an impact on this business decision. Larry Cannell [email protected] Link to comment Share on other sites More sharing options...
mattice Posted March 13, 2003 Share Posted March 13, 2003 Business decisions should be made considering the technical issues in this matter. After all, we're not running a homepage here, we're running an e-commerce solution. .. I strongly feel any e-commerce business should be done through a dedicated server that has no other users except the ones running the show. Shared environments, especially on cheap 'hosts' (that spend 1800 bucks on cPanel or the like), are ussually a serious security threat. So avoiding that is wel worth the extra $$$ to have your dedicated machine, small startup or large enterprise. I'll quote someone, don't remember who it was, on these forums: "If you only have a $300 budget you need a new business plan" Obviously these are my personal opinions, not those of the osCommerce Team. We want osCommerce to run nicely on ANY host and both Linux / Windows platform. And it does. But as soon as you are going live you should move to dedicated IMHO. Mattice "Politics is the art of preventing people from taking part in affairs which properly concern them" Link to comment Share on other sites More sharing options...
[email protected] Posted March 13, 2003 Author Share Posted March 13, 2003 Limiting use of osCommerce to only dedicated hosts will result in a large number of opportunities lost. Granted, these are small opportunities and many people reading this may not want to go after them. But, as a whole they represent a fair chunk of change. Even consolidating the "medium-size" opportunities onto fewer servers represents a profit opportunity for the provider. IMHO, the use of shared services should not reduce the security of an application. The most important factor is the quality of the hosting provider. No one should assume that running on a deciated host will make your app secure. Dedicated hosts can be mismanaged and unsecured. There are no quick wins when it comes to security. Larry Cannell [email protected] Link to comment Share on other sites More sharing options...
mattice Posted March 13, 2003 Share Posted March 13, 2003 Limiting use of osCommerce to only dedicated hosts will result in a large number of opportunities lost. Granted, these are small opportunities and many people reading this may not want to go after them. But, as a whole they represent a fair chunk of change. Perhaps my post did not come across correctly, you seem to misunderstand what I wrote. I am in no way suggesting osC should be limited to certain types of hosting, on the contrary! I merely stated that, in my personal opinion, I think hosting an e-commerce site (any, not just osC) should be done from a dedicated machine. Number one reason is security, second reason is performance. That's all. IMHO, the use of shared services should not reduce the security of an application. It shouldn't but the truth is it often does. Keywords here are users and permissions. The most important factor is the quality of the hosting provider. No one should assume that running on a deciated host will make your app secure. Dedicated hosts can be mismanaged and unsecured. Agreed. Having a dedicated server does not guarantee anything EXCEPT the fact you decide what runs on it and what not. This is a big PRO but immediately the big drawback is you should have / aquire the know-how as to secure it properly. Most people prefer to have the ISP experts do this which 99% of the time results in shared hosting.. along with it's drawbacks. There are no quick wins when it comes to security. <flame bait>Don't use Windows is a start.. ;)</flame bait> Regards, Mattice "Politics is the art of preventing people from taking part in affairs which properly concern them" Link to comment Share on other sites More sharing options...
[email protected] Posted March 15, 2003 Author Share Posted March 15, 2003 Anyone have experience with this new crop of hosting services called VDS (Virtual Dedicated Servers)? These are virtual computer systems based on software. It allows a server to be carved up into multiple virtual servers each running it's own operating system and application software. In essence you can purchase your own dedicated server, but now for a fraction of the cost because you are sharing the hardware. From a security standpoint I can't envision a shared environment that could be more secure. From a configuration management standpoint you get the most flexibility, if you are capable of configuring your OS and webserver. My only concern at this point is with performance. How well does a database run on one of these? How good are the scheduling algorithms or can one virtual server dominate resources? How much experiences does a hosting provider have with VDS and how well are they configured? VDS seems to provide the best a dedicated server can offer while retaining most of the cost effectiveness of a shared environment. Larry Cannell [email protected] Link to comment Share on other sites More sharing options...
Guest Posted March 15, 2003 Share Posted March 15, 2003 I helped a client move to VSD, and then helped them move off. Performance stunk. JMHO, I was not impressed. Link to comment Share on other sites More sharing options...
Guest Posted March 21, 2003 Share Posted March 21, 2003 I will agree that CPanel/Redhat is probably the worst choice for security and performance there is. The typical problem is that you are usually dealing with a reseller of a reseller of a reseller (ad infinitum) who has no more control over the server than any other user. Also with CPanel, if shell access is allowed, everyone (from your host to your host's host's host) has the same access and can pretty much see every other process running on the server. Most are months if not years out of date as far as security patches, and they are almost never segmented into VPS to prevent crackers from having potential access to everyone's processes. CPanel makes it easy and cheap to host 3000 sites on a crappy celeron box with a 10/100 nic, but that doesn't mean that it should be done. As far as VPS products go, the usual problem is the same, low powered/over-populated servers. We currently host sites on FreeBSD virtual machines with a max of 30 typical 50MB osC sites per VPS which are set up by hand, not using any potentially flawed automated processes. With multiple private-peered OC-12 backbone connections and high-horsepower servers we generally have no troubles at all. We are still continually evaluating lesser Linux solutions/providers in an attempt to find one with reasonable security to lower costs, but as of yet, we have found none. When we do, we will be sure to offer it to our customers. Right now our price point is about $20/month with fBSD, we hope to find a provider to get us into a more comfortable $12/month range for the "bargain hunters", but we won't skimp on security, bandwidth or performance to get there. If you don't have the experience or cash to run your own server, a VPS with a reputable firm with large pipes and REAL servers on fBSD is the way to go. Expect something in the $69/month range and up. Stay away from dirt cheap RH/CPanel hosts, in this instance you really do get what you pay for. As to who to choose and who to avoid, if you want to ask us what we think of a particular host, just msg us, we will tell you what our experience is with them, if any, and also let you know who we use. Link to comment Share on other sites More sharing options...
Guest Posted March 21, 2003 Share Posted March 21, 2003 Rob, I would suggest that you read the forum rules. They prohibit commercial postings. Your last post was definately commercial in nature. Link to comment Share on other sites More sharing options...
Guest Posted March 21, 2003 Share Posted March 21, 2003 I take offence to that "Bird Brain" 1st, I very openly explained some of the issues that face people looking for hosting, no matter the price level, and then explained what worked for us and why/how well. I also offered to let anyone who msg'd/emailed me know what experiences we have had with upstream providers(if any) they were looking at themselves, and that we would also let them know the name of OUR upstream provider that worked for us. I at no time during the post offered for fee any of our services, only explained our own experiences with reference to the question at hand, as well as our troubles getting hosting to a price point we felt the average user would be comfortable with. After which we graciously offered free help/info to anyone looking to compete with us on a level playing field. I have no doubt that while many people probably msg'd the originator of the post trying to get him to use 'their' services which would NOT benefit anyone else reading the forum in a similar situation looking for info, and most definitely would be 'commercial' purposes. What I did was simply offer everyone the information I have spent years learning the hard way through actually purchasing hosting accounts with various providers and extensive testing. Much like you offering every other 'bird toy' seller out there your personal list of good and bad wholesalers. Or providing information on how to structure categories in the osC cart for that matter which, even though it is an open source application, it's defined purpose is most assuredly COMMERCIAL. I have spent nearly 2 years in the live chat answering questions and helping people solve problems with their osC carts, or figure out how to tweek their contributions to get them just right before posting, and occasionally, someone even mentions my help in the contributions. Not that I have ever once asked for any recognition, or come here to pump up and be seen. I would make a recommendation to you to check your gun and ammunition at the door, and not take pot shots at whatever you think might be in violation of the rules, before you take a minute to reflect on the spirit it was offered in. Most people won't help when they are criticized or slapped in the face, and nearly none of them would ever offer what I offered (how many times have you given out your secret chew toy distributor list, or offered to give a competitor free supplies?). Link to comment Share on other sites More sharing options...
mattice Posted March 21, 2003 Share Posted March 21, 2003 ... Nevertheless your signature is commercial -which automatically makes all your posts commercial. Please change it. Thanks, Mattice "Politics is the art of preventing people from taking part in affairs which properly concern them" Link to comment Share on other sites More sharing options...
Guest Posted March 22, 2003 Share Posted March 22, 2003 I apologize for that sig, but I was posting quickly and forgot to turn it off, you will note it WASN'T on the post "Bird Brain" complained about. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.