What are the security implications of hosting a web site?
So, you're thinking about hosting your own web site at home?
As you can guess, there are some security issues to be aware of,
and some non-security issues as well.
Does your ISP allow it?
Most home DSL and cable lines are asymmetrical - that means
the download speeds are much faster than upload speeds. That's
great for web browsing, but a problem for hosting a web site. Why?
Because when someone downloads a page from your web server, it's
the same as your web server uploading the file to them - in other
words, it can be very slow.
That's why web sites almost always use a T1 line or
symmetrical DSL (which is more expensive).
That's also why many DSL and cable agreements do not allow you
to host your own web site. You should check with your ISP to find
out if it's allowed.
Configuring your router or firewall
As described in chapter 5, you'll need to open a port in your
firewall to the computer that is hosting the web service. This
will usually be port 80, the default port for HTTP. Open only that
port, and only to that one computer.
DNS (Domain Name System)
If you want your web site to have a domain name (like www.yourname.com),
you'll need to register it with one of the domain name registrars.
You'll also need to specify a name server - that's a computer that
translates your domain name into the IP address that computers use
to contact each other. Running your own name server is not for the
faint of heart, so your best bet is to find a registrar that will
handle that for you. www.godaddy.com
is a popular and inexpensive registrar.
Extra Security
Regular Windows update does a fine job of making sure that
your computer is up to date. However, it doesn't necessarily find
patches for all of the applications on a Windows system, including
Internet Information Server (IIS). If you're going to use IIS you
should download and run the Microsoft Baseline Security Analyzer
(http://www.microsoft.com/technet/security/tools/mbsahome.mspx)
and follow its recommendations to secure your web server.
If you're running another server (such as Apache), check the
distribution site from which you obtain it for security
recommendations.
Security isn't just software - I strongly recommend using a
UPS (uninterruptible power supply) for any server that's going to
be on all the time.
Have you considered alternatives?
It's very hard to run a high throughput and reliable web site
from home. Most cable/DSL lines won't support heavy traffic. Any
outage in your connection will bring your web site down. You'll be
responsible for all updates, configuration, backups and so on.
That's fine for a casual home web site, but not for anything
serious. And if there's a problem while you're on vacation, the
site might be down for days.
Consider a hosting plan. You can find them for less than
$10/month for small sites, and they'll take care of everything for
you. A couple that I've used or heard good things about are www.godaddy.com
and www.interland.com.
Trust me - I know what it takes to run and administer a web
server. There's a reason why this site, my company site, and my
personal blog are all hosted.