Tuesday, March 15, 2011

Basic guideline while using web hosting accounts for open source applications.

Now a days almost all the web hosting companies provide one step script installer, which means we need not download the required open source application and then unzip them, correct thier permissions, create database ..etc and install them. With a click of a button the required application will be installed within our web directory, we then just need to configure and use them. 

Its found to be a common habbit that we install many of these applications initially for testing purposes, different applications for personal, friends and relatives but once the testing is done we will either forget or neglect to delete these applications or databases which are not in use, couple of weeks or a month these application will be outdated and the new version will be released with the known bug fixes but the old version of these applications will be still existing in our web hosting accounts untouched as we do not need them. 

The spammers/ hackers created robots or bots will always look for such kinds of old version applications in the internet as they know their vulnerability and way to hack into these kind of applications for thier benfits, they then populate thier contents, advertisements into these application databases to  to increase their site's ranking or PageRank. This will not only grow in size of the database but also use extreme server resources by generating huge mysql queries in batches hogging the mysql server or an application server resources collectively causing slow loading of sites or a complete downtime for the accounts hosted on the same server. 

So here are few ticks and tips to use the web hosting account efficiently:

#1. Un-install/ Delete all of your open source applications like wordpress, joomla, phpBB, drupal, SMF or any custom built ..etc which are not in use along with thier files and databases.

#2. Keep yourself updated with corresponding applications main site or vendor for the updates, bug fixes and update your application accordingly to the latest stable version.

#3. I stress latest stable version because there might be few latest versions available on their site like alpha or beta version, this means the realease is still under development and there might a lot of changes to the applications once its released as stable version. So use the current stable version until the beta version gets released to be an stable version.

#4. Install only the themes, plugins, addons that is been supported by the current version of the application, also make a thorough investigation of an author, developer of these addon products before installing the same as there are few spammers who create their own themes, plugins or addons for free as to take control on your blog or websites. So its always better to verify about these factors before installing any of these addons. 

#5. Also read the documents provided by the authors on their addons and understand as what rows are being affected in the database table and the application. Because, it's found that few of these themes, plugins or addons will not remove their complete information from the files or databases and you might need to remove them manually.

#6. Even few themes, plugins or adddons will have their newer version or bug fixed version available. Update them to the latest stable version available but make sure the current version of your applicatin supports them.

#7. Never ever try all the addons available in the internet. Try only the ones which are popular and the one developed by the popular authors or the vendor suggested addons.

#8. Keep your admin login password as complex as possible inorder for anyone to easily guess your admin password.

#9. Do not provide full access on your web directory or application directories and keep them as low as possible access to the world.

#10. Monitor your application and database on daily basis like deleting the unwanted rows from the desired tables, truncating or archiving or clearing the entries from the log tables periodically. 

#11. It is always adviced to keep your databases tables Indexed and optimized. To optimizate your database tables,you may just login in to your phpMyAdmin and select the database whose tables you wish to optimize. A list with all the database's tables will appear. Check the tables you wish to optimize, or simply click [Check All] option to select all tables listed. From the [With selected:] drop-down menu choose Optimize table. This will execute the OPTIMIZE TABLE SQL query on the selected tables and the tables structures, indexes are updated and optimized.

Note: when I say 'your application' this always refers to the application that you have installed it may be wordpress, drupal, joomla.. etc.

So if you follow these basic steps there are very less number of chances of your database / application getting listed under the web hosting's system abuse monitor, which means your application is safe and you will not see their "TOS" email in your inbox and your website or blog will load faster, smoother, secured too.

So happy hosting!

Also, please share your thoughts on the same.

1 comment: