hi all,

What do you guys think about security at hostmonster?

For example: trying to send a support ticket brings you to a form where you have to fill your name AND password and this form isn't secured i.e. not https (not to mention the normal cpanel login form).

also when trying to use https instead of http, i get noticeable delays.

Is this acceptable??

I don't have any issue with security here. Any application requiring high security doesn't belong on a shared server, IMO. Since Hostmonster provides shared hosting only, the provided security is more than sufficient.

As far as your SSL requests being slower, that's normal. All SSL requests on all servers are slower than their non-encrypted counterparts.

hi all,

What do you guys think about security at hostmonster?

For example: trying to send a support ticket brings you to a form where you have to fill your name AND password and this form isn't secured i.e. not https (not to mention the normal cpanel login form).

also when trying to use https instead of http, i get noticeable delays.

Is this acceptable??

so far there is no hacking reports or wide spread attack at hostmonster or bluehost.

lately there was some reports on dreamhost where 3500 user account with password issue. lots of them being hack due to weak password. So, the point here is to use proper type of password for your cpanel and emails.

Thanks for answering :) , but still, do you feel OK with sending your passwords unencrypted plain text?

Do you feel OK to manage your account without SSL?

Well, I don't, and right now the SSL is unusable due to slowness.

Not sure what to do. Any point in filling a Ticket? (even that form is using plain text passwords!)

Thanks

Thanks for answering :) , but still, do you feel OK with sending your passwords unencrypted plain text?

Do you feel OK to manage your account without SSL?

Well, I don't, and right now the SSL is unusable due to slowness.

Not sure what to do. Any point in filling a Ticket? (even that form is using plain text passwords!)

Thanks

SSL is going to be slow no matter what host you use. It isn't capable of running at the same speeds as standard HTTP requests.

I feel fine sending my password unencrypted to a shared host. My sensitive personal information isn't accessible from cPanel (go ahead and call my phone, go ahead and knock on my door), I don't store sensitive information on any of my websites, I make frequent backups of my data, my credit card is insured, and I can simply make a phone call to regain access if it's ever compromised.

If you are concerned with sensitive data in your account, you should look into dedicated hosting. A shared hosting environment isn't secure in any way, shape, or form. Hostmonster does an excellent job at maintaining the best possible security on their network.

hi all,

What do you guys think about security at hostmonster?

For example: trying to send a support ticket brings you to a form where you have to fill your name AND password and this form isn't secured i.e. not https (not to mention the normal cpanel login form).

also when trying to use https instead of http, i get noticeable delays.

Is this acceptable??

The overhead associated with https v http is a payment in time for security. I usually cringe when my password is transmitted via plaintext. But when it is the only option there are other things you can do.
1. Change your password often and choose one that adds some difficulty for password crackers.
2. If communicating in the clear bothers you, then perhaps you should use phone support.

i heard there datacenters are more guarded then the whitehouse

pass codes
security guards.. if theres a fire in the server room a deadly gas puts it out right away and the guy inside could die from breathing it.

its virtually unhackable

i heard there datacenters are more guarded then the whitehouse

pass codes
security guards.. if theres a fire in the server room a deadly gas puts it out right away and the guy inside could die from breathing it.

its virtually unhackable

I think that's probably going a little overboard, but the datacenters are very safe. Private security will never have the resources of the Secret Service, and nothing is unhackable. ;)

i woudnt be so sure about that... :)

there is a thing as unhackable..

fact is with a 256 bit secure connection there servers have

it would take a hacker atleast 6 or 7 hours to decode it.. and by the time that happens hostmonster will have already caught him and changed the decoding..

also with all that extra security its virutally unhackable

i woudnt be so sure about that... :)

there is a thing as unhackable..

fact is with a 256 bit secure connection there servers have

it would take a hacker atleast 6 or 7 hours to decode it.. and by the time that happens hostmonster will have already caught him and changed the decoding..

also with all that extra security its virutally unhackable

I'm sure that's what Nokia thought when Kevin Mitnick downloaded the blueprints for their proprietary operating system. :D

There's a heck of a lot more to network security than encryption. Encryption doesn't protect a network from social engineering, hardware and software bugs, or zero-day exploits.