NYCPHP Meetup

NYPHP.org

[nycphp-talk] Where to store credentials and/or keys

inforequest 1j0lkq002 at sneakemail.com
Tue Aug 15 01:49:09 EDT 2006 

michael lists-at-genoverly.net |nyphp dev/internal group use| wrote:

>On Mon, 14 Aug 2006 17:25:25 -0700
>  
>
>John, you are a respected colleague,
>
Why thank you.

> but I'm not buying your logic *here*.  
>
Well, not like that's never happened before.

>Assessing risk and mitigating risk is something to be taken
>seriously. I think we agree on that.  I'm not a fan of shared hosting
>for any sort of serious business; just for the reason above. You can be
>as strong as you want, but the weak link in that chain may well be your
>neighbor.  
>  
>
Agreed.

>If one's business (and presumably livelyhood) depends on a web server
>-and the above is the risk model- then shared hosting *should* be the
>first thing chucked out the window. (This is where you say 'not an
>option' and I quickly retort 'horse hockey') 
>  
>
Agreed, for that risk model, in most cases (but not all).

>Dedicated/Managed hosting is in reach for any serious business.  If a business can't afford it,
>then don't do it. 
>
I think we will have to disagree here. The base cost of a managed 
hosting arrangement may be affordable, but dealing with the ... ahem... 
difficult personalities in the server room, may not be. Sure if you know 
your way around a server, you can "manage" a relationship with a 
sysadmin under a managed server arrangement. However, just as surely as 
greed corrupts, a naive small business owner may find herself paying for 
everything "extra" while still not keeping reasonable control of her 
"livelihood". I have counseled too many whose sites were practically 
hostage to the host or (worse) design firm pretending to be host  (gasp!).

I know your style, Michael, and I can assure you that integrity thing 
you insist on perpetuating is very, very rare out there.

Anyway, point much appreciated. Shared hostng is the first thing to 
re-consider when in need of security.

-=john

-- 
-------------------------------------------------------------
"If you think this stuff is confusing, you should try optimizing websites for search engine exposure."  john andrews SEO http://www.johnon.com

More information about the talk mailing list