Securing Your Web Hosting Account
Tuesday, February 24th, 2009When we first get acquainted with web hosting we have plenty of questions. Many years ago I remember being on the phone asking web hosting tech support how do I edit the files for my website. I certainly didn’t have the slightest idea how to edit the files securely. So I thought maybe I would cover this topic in more detail. It can be confusing and some web hosts aren’t quick to shed light on the subject.
Whenever you sign up for a hosting package your web host will likely provide you with a control panel environment to modify files and settings. I recommend looking for web hosting that supports cpanel instead of their own custom control panel. Why? A lot of web hosting providers support cpanel, so if you are not satisfied with your web hosting you can migrate everything over to another web host easily.
Lets explore the security of the control panel first. Once you have a web hosting account running cpanel you can access the control panel in the web browser with something like this “http://www.orangewidgets.com:2082/”. That will bring up the control panel login screen. Unfortunately this is not the secure version. Instead lets try “https://www.orangewidgets.com:2083/”. That is the secure version (notice the https). Much better. Most web hosts don’t really explain this too well. If your not using the secure version someone else can steal your username and password and hijack your account. Maybe they should tell you that!
Lets move on to actually editing the files on your website. You can edit your files in the control panel environment. It can be done securely (as long as you see the https on the edit page in your browser its secure). Unfortunately this gets old in a hurry. All of your code is in black and white. Its hard to read. Sometimes you will submit a change but the website will freeze. Its just not an ideal solution. There is a better way. Its called FTP (file transfer protocol).
We aren’t out of the woods yet with just FTP. FTP is not secure by itself! Once again that means someone can monitor your website and hijack your username and password. How to escape this nightmare? We need to take it one step further. We need Secure FTP (SFTP). Secure FTP will encrypt your username and password and all files transmitted. Perfect. So how do we set this up? Well, your going to need a web hosting account that allows secure shell access (ssh access). It is not provided in many basic web hosting packages. Fortunately Midphase provides ssh access in their unlimited web hosting package. You may want to consider Host Monster or Host Gator as well. They use cpanel and they feature ssh access at low cost (but I have not used either of these two web hosts just yet). In our SFTP Tutorial I’ll explain how to download a free SFTP client and set it up properly with your web hosting account. Then we will set up a free text editor that will work with the secure ftp client to make your life easy breezy.
![[Furl]](http://www.furl.net/images/logo-favicon.ico){kind=logo}
![[Newsvine]](http://www.newsvine.com/_vine/images/identity/button_seednewsvine.gif){kind=small}