OT: Worthwhile *security-competent* web host?
Chris Nicholson-Sauls
ibisbasenji at gmail.com
Sun Jan 25 09:32:08 PST 2009
Nick Sabalausky wrote:
> Anyone know of a reliable, reasonably-priced web host that...and here's the
> key part...actually understands even the most basic security concepts?
>
> It seems like every place out there has an IT/support department that is
> absolutely convinced of one or more of the following:
>
> 1. Unencrypted emails are secure.
>
> 2. PGP *signing* an email encrypts the entire message.
>
> 3. It is somehow possible to email users their passwords without the
> password ever being stored in either plaintext or in a reversible form (not
> counting, of course, the process that actually sets the password in the
> first place).
>
> 4. Secure access to the control panel isn't important.
>
> 5. If all of the navigation links and redirects inside of the HTTPS secure
> version of the control panel (including the URL that the login form submits
> to) all point directly to the insecure HTTP version, this somehow doesn't
> defeat the whole point of having secure control panel access.
>
> 6. Some other such silliness.
>
>
I gave up trying to find a good one ages ago. There's always the option
of starting an account with SliceHost and doing it yourself, though.
-- Chris Nicholson-Sauls
More information about the Digitalmars-d
mailing list