Skip to main content
07 3844 0001
17 July 2017

Choosing your hosting provider and services

So you've just had a new website or web application built? Well, in most cases, it will need to be hosted in a suitable server environment to enable users to access and interact with it, while also providing sufficient resources to address performance, connectivity, storage, security and availability requirements.  

After completion of the build, the hosting of your website/application becomes your responsibility.  Selection of an appropriate hosting provider and associated service level should be given due consideration to ensure it will meet your needs and align with your expertise, expectations, budget and risk contingency.  Setting up your hosting is not a set-and-forget task, infrastructure requires ongoing maintenance and monitoring to ensure it remains secure, up-to-date and available.

Before selecting your hosting provider and an associated plan, here are a list of items that should be considered:

 

Type of hosting provider

  • In-house
  • Traditional hosting provider (shared or dedicated hosting)
  • Cloud based service (e.g. Microsoft Azure or Amazon Web Services)
    • There is a vast array of service offerings by each provider from dedicated machines to purpose specific services, so please consult with Zeroseven to ensure compatibility with your project.

 

Technology Stack

  • Ensure the selected hosting servers will support the technology used for the product/build.
    Typically this will be Windows/IIS, .Net and SQL Server  for Zeroseven projects – confirm with Zeroseven for any specific version requirements.

 

Who will manage the hosting environment?

  • Do you have the expertise to manage this yourself or with the assistance of an IT department?
    (this will typically apply for in-house or cloud based services)
  • Do you require only basic support?
    e.g. ticket/phone support on request
  • Do you require a fully-managed service?
    e.g. Service level agreements, environment configuration, patching, monitoring, out-of-hours support, proactive issue management, disaster recovery management.

 

Backups & Disaster Recovery

  • Ensure an appropriate strategy has been put in place to ensure your data is regularly backed up.
    • This should include website files, databases and any other assets that may be relied upon. 
    • It is recommended backups occurs at least daily, and the backup data is stored separately to the source server.
    • Consider taking an off-site backup of the data periodically, this will ensure a copy of the data is available should the hosting environment be compromised or become unavailable
  • A recovery plan should be established to ensure the site can be made available as soon as possible after a disaster.

 

Availability

  • How mission-critical is it that your site/application remains available?
    • If an issue arises, what would be the impact to your business?
      This could be a short outage due to Windows updates, reboot, deployment etc. or an extended outage due scenarios such as disk failure/corruption, failed Windows updates, virus/malware, hardware issue, security issue, distributed denial of service (DDOS), excessive load, etc. 

      So, a few questions to consider:
      • What may be the impact to your business’ reputation?
      • Is it necessary for staff to access the application to perform their job?
      • E-commerce sites - how will an outage affect your cash-flow?
      • Do your customers, suppliers or partners have a dependency on your application?
      • If an outage occurs, how long could be tolerated by your business?
         
  • A basic shared hosting plan or single server solution will typically have no or limited redundancy, so if you require a high-availability solution, then the following should be considered (at additional cost):
    • Separation of web and database servers/roles
    • Multiple web servers (web farm / load balancing)
    • Clustering
    • Content Delivery Network (CDN)
    • Disaster Recovery or Stand-by environment
    • Managed service
    • Monitoring
    • Service-level agreement
    • Load testing

 

Security

  • ‚ÄčTo minimise the risk of your environment being compromised, the following basic items should be considered:
    • Windows updates – ensure these are reviewed and installed regularly to minimise the risk of unscrupulous parties exploiting know vulnerability (consider who will be responsible for this task).
    • Anti-virus – if hosting within a virtual machine, having a reputable anti-virus product installed can detect and mitigate the potential impact of a virus or malware infection.
  • Firewall
    • Will the in-built operating system firewall be sufficient or do you require a dedicated firewall to perform advanced tasks such as stateful packet inspection or SSL offload.
  • Access
    • How will the server’s be accessed and are there any specific security requirements?
      e.g. VPN, RDP, FTP, multi-factor authentication
    • Who can access the environment/servers? (users and permissions, IP address whitelists)
  • SSL/HTTPS
    • It is recommended that an SSL certificate (from a reputable Certificate Authority) be purchased and installed to facilitate secure access between the client browser and server.

 

Monitoring

  • To provide alerts when there may be issues with your site/application, hardware or resources – it is recommend monitoring services be configured. 
    • This may be provided by your hosting provider or independently.
    • Different services may be required to monitor uptime versus server resource utilisation.
  • Should a monitoring issue occur, consider who will receive the alert, and who will respond (in the first instance).
    Note that an issue could arise at any time, including outside of standard business hours.

 

Other Services

  • ‚ÄčEmail
    • Consider how mail for your domain will be managed
      • Do you have your own, existing mail server or will one be required as part of the hosting?
      • Do you have existing mailboxes – how will they be impacted?
    • How will the website/application send email (if required) and deliverability be managed?
      • Local SMTP server
      • Dedicated SMTP server
      • Third-party SMTP server, e.g. SendGrid or Mandrill service.
  • DNS
    • Who will host and manage the DNS services related to your site/application?
      • Is this required as part of the hosting package or will they be managed separately?

 

As you can see there's a bit to think about to ensure the right hosting solution is established to suit your needs.  Of course, we understand hosting has a lot of technical aspects, so Zeroseven are here to help if you have any questions or require assistance in the process.


RELATED TAGS

Paul
AUTHOR

Paul

Application Development Manager
Paul's articles

When to choose IEnumerable

Cheers To Another Year!


Like what you see?

GET IN TOUCH