Hosting resellers come in all shapes and sizes, from one person web design and web development shops to larger digital agencies. One thing all hosting resellers share in common, though, is a project-based revenue model that’s often “spikey”. As projects come in the door, revenue rises but the focus on completing these projects detracts from bringing in new projects. This leads to a drop in revenue as projects are completed and sales and marketing efforts ramp up again. If the ramp takes too long, it can often spell doom for your business. If this sounds familiar to you, then read on to capitalize on these effective security strategies to protect your hosting reseller business.
Reselling hosting services is often a practical and effective way to offset this spikey revenue model. It introduces a subscription-based revenue stream that generates just enough revenue to keep the lights on between project cycles.
One of the most common approaches to launching a hosting reselling offering is to lease a server from a managed hosting provider like Liquid Web and leverage a control panel technology like cPanel or Plesk to host as many customers as possible on that server. As you bring on new projects, you can also offer your hosting service and grow your hosting revenue base. And the more customers that you can host on a server, the more profitable your hosting reseller business becomes.
In an ideal world, that’s all you would need to do in order to tap into this incremental revenue opportunity. Unfortunately, we don’t live in an ideal world. Sooner or later hosting resellers face one of two challenges that can disrupt their hosting operations and threaten the profitability of their entire business.
Security breaches are the first of these challenges and come in a variety of forms like SQL injection attacks, malware, and brute force attacks just to name a few.
Noisy neighbor syndrome is the second of these challenges, and occurs when one of your customers begins to drain server resources at a disproportionate rate, affecting the website performance of your other customers.
Whether you are impacted by one, the other, or both of these challenges, the net effect on your hosting reseller business is the same. Website performance degrades or websites go down altogether, customer complaints begin pouring in, customer relationships begin to sour, and your brand begins to suffer from the effects of negative word of mouth.
Fortunately, there are steps that you can take right now avoid these challenges and ensure that your hosting reseller business remains healthy and strong for years to come. We know this because as a hosting provider Liquid Web has served thousands of hosting resellers just like you, many for over a decade. In that time we’ve partnered with some of our most successful hosting reseller partners to develop 7 essential strategies that have protected their hosting reseller business from security breaches and noisy neighbor syndrome. And today I am going to share those 7 strategies with you so that you can protect your hosting reseller business too.
1. Offer SSL Certificates to All of Your Customers
There was a time when offering SSL certificates to all of your customers would have been cost-prohibitive. But thanks to the not-for-profit Internet Security Research Group’s open certificate authority Let’s Encrypt, hosting resellers can now offer SSL certificates to all of their customers at no cost. In addition, issuing and installing these certificates has never been easier thanks to features like cPanel’s AutoSSL.
Offering SSL to your customers is a smart move for a variety of reasons. Top among these is the fact that encrypting websites makes it hard for hackers to intercept and collect data that they can use to use to compromise websites. You also get the added benefit of improving the SEO rankings and conversion rates for all of your customers’ sites, which can only help improve customer satisfaction and retention.
2. Offer CDN to All of Your Customers
Any time that your server has to process a request, there’s a chance that the request is malicious. Therefore, if you can reduce the number of requests to your server, you can also reduce the number of potential attacks on your system.
CDNs are a very effective way to offload requests from your server to those of a CDN provider and reduce the attack vectors on your server. CDNs used to be cost-prohibitive, but today many CDN providers like CloudFlare offer free tiers of service that include basic DDoS mitigation, further improving the security of your customer’s sites. CloudFlare and its competitors also offer generous partner programs and paid tiers of service with additional security features like web application firewalls, TLS-only mode, and enterprise-grade DDoS mitigation, opening you up to additional revenue opportunities.
Of course, CDNs also offer performance benefits that can dramatically improve the performance of your customers’ sites and help with SEO. Any way you look at it, offering CDN to your customers is a smart move that can only help grow your business.
3. Enable ModSecurity
ModSecurity is an open-source web application firewall that’s supported by most web servers, including Apache, Nginx, and IIS. It protects websites against a range of attacks, including cross website scripting, bad user agents, SQL injection, trojans, session hijacking, and other common exploits.
Implementing a web application firewall like ModSecurity can dramatically improve the security of your customers’ websites, especially when you consider that 70% of all attacks are now carried out at the application level. But remember, ModSecurity is not a one-and-done affair. It’s important to check for updates on a regular basis, as new exploits come out all the time. It’s also a good idea to review your audit logs on a monthly basis to uncover any emerging threats.
If you’re like most hosting resellers, though, you may not have the time or skills necessary to properly manage ModSecurity. That’s why it’s important to make sure that you’re working with a hosting partner who understands ModSecurity and can help you keep on top of managing your web application firewall.
4. Install CloudLinux
Control panels offer a lot of capabilities that make running a hosting reseller business easier. One thing they lack, however, is a way of ensuring that customers only get what they pay for when it comes to server resources. Because they lack these controls, one customer’s good fortune in terms of increased website traffic can lead to performance degradation for some of all of your other customers. In extreme cases, it can take down all of your customer running on a server.
CloudLinux is a Linux-based operating system designed for multi-tenant shared hosting environments. It improves server stability, density, and security by isolating each of your hosting customers in their own environment with specific server resource allocations. It effectively short-circuits noisy neighbor syndrome by ensuring that your customers only get what they pay for. It also isolates customers from one another, ensuring that unstable scripts or malware running on one customer’s website can’t affect your other customers. Best of all, CloudLinux works well with control panels like cPanel/WHM, making the transition to CloudLinux seamless for your and your customers.
5. Update Software Regularly
Regularly patching software components like your OS, control panel, database, CMS and plugins is crucial to reducing the risk of a security breach affecting your customers. Many hosting resellers fall behind on patching critical software components because of a lack of resources, skills, or both, and pay the price later on when their customer websites are breached.
If you find yourself in a similar situation (not enough time, skills, or both), I urgently encourage you to find a hosting provider that can help you keep on top of software updates. Liquid Web, for example, offers a range of comprehensive managed services, including regularly patching critical components of your hosting reseller software stack. Services like this can often make the difference in keeping your customers happy and your hosting reseller business profitable.
6. Run Security Scans
There are a growing number of security scanning solutions available to help hosting resellers identify security vulnerabilities. These generally fall into two categories, solutions that focus on identifying security weaknesses on your server and those that focus on identifying security weaknesses on your customers’ domains and websites. Using a combination of the two will help ensure that you’ve covered all the possible security vulnerabilities that may affect your customers. Here’s a short list of some of my favorites:
Sucuri offers a free tool that you can use to perform a scan of your customers’ websites for malware, blacklisting status, website errors, and out-of-date software. They also offer monthly paid plans that automatically monitor your customers’ sites for security vulnerabilities, remove malware, provide DDoS and brute force protection, and provide blacklist removal.
Installing SSL certificates can be an error-prone process, opening up your customers to vulnerabilities. SSL Labs offers a free solution that scans your web server to ensure that the SSL certificates installed for your customers’ websites are properly configured.
By the way, if you’re interested in learning more about SSL and TLS, SSL Labs also offers a wealth of resources to get you up to speed quickly.
ConfigServer Security and Firewall is a free plugin for WHM/cPanel that makes managing software firewalls a lot easier. CSF has a wizard that scans your server and provides you with a number of recommendations for firewall changes designed to increase security on your server.
When you first run CSF, you might be overwhelmed by the number of recommendations it provides. My advice is that you prioritize the CSF’s recommendations in order of impact (biggest to smallest), and incrementally work your way down the list over time. This approach will also help you if you need to revert a change that had an unexpected impact on your server.
Observatory is a free scanning tool from Mozilla that lets you scan your customers’ websites for security issues and provides step-by-step recommendations on how to remediate the issues that it finds. Observatory scans across HTTP, TLS, and SSH, and also incorporates third-party tests from SSL Labs, High Tech Bridge and others.
7. Implement Two-Factor Authentication
Two-factor authentication greatly minimizes the risk of a hacker gaining access to your customers’ sites or your own server through phishing scams and other means. It augments common username/password security schemes (what you know) with a secondary token (what you have). So make sure that you implement two-factor authentication in your control panel and on your server. It’s also a good idea to make sure that your hosting partner has also implemented two-factor authentication in their management console.
I hope that you found these security strategies helpful. Implementing all 7 will greatly improve the security of your hosting reseller business and ensure that your customers will be happy for many years to come. And remember, Rome wasn’t built in a day and was a team effort. Implementing a robust security strategy takes time. It also takes the right hosting partner.