Archive for November, 2008

Choosing the Ideal Web server

Room to Grow

A lot of people planning serious web sites end up thinking about their server solution. The simple shared host is not enough anymore, or won’t be for long, and you need another server.

But what do you get? There are tons of options out there; which is the best? The truth is that the best one always depends on the company serving you. Looking into a company’s history is always a good thing to do. Giant companies like 1and1 may look like a scam because they’re so cheap, but their very well furnished data centers ensure your website won’t be lost due to a server crash and you’ll always have top uptime.

Shared hosting is not somewhere you will talk about redundancy, but since your data is in a shared pot, you kind of expect it to be available on more than one server. After all, you’re not buying a single server: if your server crashes, everybody else on it goes down too. To cope with these issues, bigger companies like 1and1 store your data on multiple servers. However, smaller contenders like DreamHost only store your data on one disk with no redundancy at all. Occasional backups are made, but that’s about it. A server crash on DreamHost can mean the death of your website.

However, bigger companies like 1and1 don’t always have the greatest support. The best they’ll have is often calls that look as if they’ve been routed to India, where some poor, non-knowledgeable person is reading the manual to you.

As much as you wish 1and1 would give you better support if you paid more money, take for example a dedicated server, they won’t. Dedicated servers will probably end up with even less support than the shared hosting packages. As long as the hardware works correctly, 1and1 certainly won’t bother helping you fix your software, as it is very clear in the agreement that it is a self-managed server (if that’s what you bought).

1and1 and other large companies serving millions of users have very interesting server offers. They’re cheaper than the competition and just look perfect for that matter. However, if you’re planning on growing, don’t stay too long in the arms of big companies that do not offer complex hosting solutions. Contrary to popular belief, it is the smaller companies, which have more time to tend to users individually, that offer these complex hosting solutions.

Web Hosting Buzz and Media Temple are two good examples of these smaller higher quality companies.

Figure it out like this. These companies can give you custom-made managed solutions that offer multiple servers with your configuration choices down to the last detail, discussed human to human. Even though that top-of-the-line single server box at 1and1 looks pretty interesting for the 400$ per month price tag, it stops there. And oftentimes, two cheap servers, one dedicated to the database and the other to web serving, are more efficient than one big ass machine.

Staying with 1and1 for an unpredictable growth is like having a death wish. You’ll really want to shoot yourself when you realize that you can’t have more than one server for the same site with 1and1.

If you’re planning on making a web site that’ll grow, you’ll need much more than a single server to scale. This is why going with companies like Web Hosting Buzz that offer complex hosting solutions is a good idea. You can start small, with shared hosting, and grow with them as you grow.

Better Tools are Better than Efficient

The statement “Rails doesn’t scale” is very controversial. It has been proven that Rails is slower than most tools out there. Yes, PHP scales better. But then again, this very last statement is controversial.

The truth is, PHP solutions will be faster than Ruby on Rails. The other truth is, scaling PHP is not a game of fun. However slow Rails may be, it’s still a much prettier way to do web development that’ll make your developers smile. More importantly, it’ll require fewer people to do the same thing.

So, let’s say PHP is twice as fast. Where your 500$ server will be enough for PHP, you’ll have to put in 500$ more per month for the Rails equivalent. That’s 12′000$ per year vs 6′000$.

However, PHP requires more people, so let’s say you have to hire another programmer who costs you 60′000$ per year instead of doubling your server. That’s 10 times the additional cost for scaling.

Servers are always getting cheaper; the workforce, on the other hand, isn’t. So instead of thinking about code performance, you should simply go with whichever one is cooler to work with. The same goes for operating systems. If you think your IT staff will be happier with a certain OS, go with it instead of the more performant one.

* Of course, just keep a bit of logic in there. For example, don’t host your site on a platform with poorer security because it’s easier to work with.

** The numbers are 100% fictional and are not based on reality. If you want to know what the real difference between Rails and a PHP framework is, do your research.

WPA is NOT Cracked

Some big journalistic icons have recently published a shocking headline story: WPA is cracked. If that were really the case, let me tell you it would be more than the average user panicking, because assuming the entire WPA spec is cracked is like saying secret data from the US government isn’t safe anymore.

In any case, WPA is not cracked and everyone can rest assured. At least, partially.

First off, to understand how it really works, you have to separate the different terms. AES is not a TKIP competitor and WPA is not a protocol.

WPA and WPA2 are standards (a way to do things). A WPA2 certified device supports everything included in the WPA2 standard.

TKIP and CCMP are WPA protocols. The first WPA was rushed out quickly by some companies and used TKIP. WPA2, on the other hand, uses the more sophisticated CCMP.

RC4 and AES are ciphers. RC4 is used by WEP and TKIP; AES is used by CCMP. So yes, WEP is not a standard, it’s a protocol (however, it also stands as a standard, which is a source of confusion).

What’s cracked?

TKIP is cracked. However, TKIP was still relatively well made, at least better than WEP. The crack is no big deal: the most it can allow is injecting really small packets on your network and maybe decrypting some. Since most routers renew the TKIP keys every hour, the average packet won’t ever have time to be cracked, so nobody can steal your credit card number like that, or whatever else.

Nobody can spy on you, nobody can get your network key. At least, not yet. The crack right now is mostly a technical show-off, but nothing to be alarmed by.

Is my WPA still secure?

Yes, your WPA is still secure, even though not at 100%. Luckily enough, CCMP is not as weak as TKIP and doesn’t use the outdated RC4 cipher. With WPA2 certified devices, you can use CCMP in conjunction with the AES cipher (chosen to protect secret US government files) to attain a literally uncrackable network.

However, as with any system, WPA2 is still prone to brute-force attacks. A poor password, even on CCMP, can be cracked by a dictionary attack. However, if you use a password like this, it’d take millions of years to crack it with a brute-force attack, and since there isn’t anything else possible than a brute-force attack on AES, you can rest assured your data is uncrackable.
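To put a number on the “millions of years” claim, here is an added example (not from the original post) that derives the WPA/WPA2 pre-shared key the way IEEE 802.11i specifies it and estimates how long exhaustively guessing a passphrase would take; the guess rate is an assumed knob, not a measurement.

```python
import hashlib
import math

# Constructed assumption: candidate passphrases an attacker could test per
# second. Real hardware varies widely; this is only a knob for the estimate.
GUESSES_PER_SECOND = 100_000

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA/WPA2 pre-shared key from a passphrase.

    IEEE 802.11i defines PSK = PBKDF2(HMAC-SHA1, passphrase, SSID,
    4096 iterations, 32 bytes). Those 4096 iterations are what make each
    guess at the passphrase comparatively expensive for an attacker.
    """
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def charset_size(passphrase: str) -> int:
    """Size of the smallest standard alphabet that covers every character."""
    size = 0
    if any(c.islower() for c in passphrase):
        size += 26
    if any(c.isupper() for c in passphrase):
        size += 26
    if any(c.isdigit() for c in passphrase):
        size += 10
    if any(not c.isalnum() for c in passphrase):
        size += 33  # printable ASCII punctuation plus space
    return size


def entropy_bits(passphrase: str) -> float:
    """Bits of entropy if the passphrase were chosen uniformly from its alphabet."""
    return len(passphrase) * math.log2(charset_size(passphrase))


def years_to_exhaust(passphrase: str, rate: float = GUESSES_PER_SECOND) -> float:
    """Years needed to try every passphrase of this length over this alphabet.

    This is the exhaustive (brute-force) bound the post refers to. A passphrase
    that appears in a word list is found far sooner by a dictionary attack,
    which is why length and alphabet, not the cipher, decide the outcome.
    """
    keyspace = charset_size(passphrase) ** len(passphrase)
    return keyspace / rate / SECONDS_PER_YEAR
```

At the assumed rate an eight-letter lowercase passphrase is exhausted in weeks, while a long mixed-alphabet phrase crosses the millions-of-years line; the derived key is always 32 bytes regardless of passphrase quality, so the passphrase is the weak point, not AES.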

Get the full explanation with Security Now ep. 170

Windows 7 – Everything good about Unix – Everything good about Windows

Apart from almost copying Apple’s dock and shoving it into the traditional Windows taskbar to make a whole new taskbar better than anything out there, Microsoft is pushing some other niceties in its OS that may not be as apparent on the surface.

So, I was installing Windows 7 M3 (build 6801) yesterday and, to my great surprise, I came across something really freaking awesome. Windows 7 creates, and tells you so, a smaller partition of about 200MB for the important system files and puts everything else on another partition.

What a brilliant way to protect the system, much like advanced Unix configurations, which, unlike your average Ubuntu install, have more than just a main and a swap partition.

Yes, it does not go as far as obsessively splitting everything as many do with FreeBSD so that everything is separated: data, user settings, software, the system itself, swap and whatever. But it still goes a long way toward showing Microsoft’s will to make things work better.

Bravo, simply bravo.