OT: Worthwhile *security-competent* web host?

Chris Nicholson-Sauls ibisbasenji at gmail.com
Sun Jan 25 09:32:08 PST 2009


Nick Sabalausky wrote:
> Anyone know of a reliable, reasonably-priced web host that...and here's the 
> key part...actually understands even the most basic security concepts?
> 
> It seems like every place out there has an IT/support department that is 
> absolutely convinced of one or more of the following:
> 
> 1. Unencrypted emails are secure.
> 
> 2. PGP *signing* an email encrypts the entire message.
> 
> 3. It is somehow possible to email users their passwords without the 
> password ever being stored in either plaintext or in a reversible form (not 
> counting, of course, the process that actually sets the password in the 
> first place).
> 
> 4. Secure access to the control panel isn't important.
> 
> 5. If all of the navigation links and redirects inside of the HTTPS secure 
> version of the control panel (including the URL that the login form submits 
> to) all point directly to the insecure HTTP version, this somehow doesn't 
> defeat the whole point of having secure control panel access.
> 
> 6. Some other such silliness. 
> 
> 

I gave up trying to find a good one ages ago.  There's always the option 
of starting an account with SliceHost and doing it yourself, though.

-- Chris Nicholson-Sauls



More information about the Digitalmars-d mailing list