In this expanding web hosting time period, we are surrounded by many questions which confuse us. Out of many ones, question is which type of hosting we should use Linux or Windows. Here is a helpful guide for the selection of the right web hosting for your system.
Linux Hosting – It refers to the web host which uses the Linux operating system for its servers. Linux is an operating system that is based on UNIX.
Windows Hosting – It refers to a web host whose servers use the Windows operating system. This web hosting is less popular than Linux web hosting. It is only used by sites that fail to run their applications without windows servers.
Differences between Linux and Windows features
- Operating system : If you choose Linux, it is not necessary to use Linux platform you can run Linux on any platform even if you are using Windows XP, whereas which OS you run on your computer matter a lot in case of Windows.
- Control Panel : Linux uses cPanel and Windows uses Plesk panel.
- Cost : Major benefit of Linux is that its servers are far less expensive then Windows servers.
- Stability and Speed : Linux servers have high reliability and high uptime as compared to windows servers. And a windows server has a high risk of crashing than Linux.
- Development Tools : Linux servers offer support for different development tools like CGI,PHP and Perl on other hand windows offer ASP and PHP development tools. Windows servers can also use other Microsoft software and application but Linux can not use them.
- Scalability : As different websites change time to time,they grow small to large traffic websites. While both Linux and windows can often adapt to sites growing needs. But Windows hosting is more compatible with features like PHP and MySQL whereas LINUX is not always compatible with the technologies by Microsoft as .NET and VB development.
- Databases : Linux can run only MYSQL database on other hand Windows can run both MYSQL and MSSQL.
- Alterations and Modifications : Linux is an open source platform so server users can make changes and alterations in the code whereas in Windows user are not allowed to make any changes in code only the webmaster can modify it.
- Files Sensitivity : With Linux servers, file and directory names are case sensitive but in Windows servers, they are not case sensetive.
- Licensing : Linux is based on General public license which is free on other side windows comes with a licensing fee
Security
Linux: It allows users to login as ‘root' user. Never log in to Linux using the root account or user as with the ‘root' access system files can be modified. Ubuntu gives ‘sudo' access to different users. Ubuntu locks the root account.
To log in as the root account a user needs to enable the root account and obtain the password.
Windows: Microsoft has worked on improving the security practices followed on Windows using user access control (UAC).
The Operating System access through a personal account ensures that none of the programs you run write on the other programs or systems on your hard drive. They only make changes to the home folder. Using a limited access account protects the system against buggy and malicious applications.
Modern Linux distros use tools like PolicyKit, to differentiate the access or functions that different user accounts on Linux can perform.
As above we can see that running a website on a Linux or Windows server has both merits and demerits. Deciding for more appropriate hosting for your site will depend on what kind of technologies you will use on your site and what is your budget
Disable Root Login
Once proper login accounts are set up, disable remote access for the root account to prevent any security breaches. The configuration file has the OpenSSH server settings, using a text editor edit /etc/ssh/sshd_config. Search for different authentication settings and options and change the permission to log in to the root account to no using the command: PermitRootLogin no. Save the file with the commands. Once you make the updates, restart the server using the command:
sudo systemctl restart sshd
OR
service ssh restart
Password Policies for Remote Users
Enforce and implement password policies using a module in Linux called PAM. You can invoke this using pam_cracklib.so used to check the passwords entered by users against any dictionary words. Thus to prevent weak passwords, define any new password requirements, such as complexity and length.
To install this module use the command:
sudo apt-get install libpam-cracklib
Using a text editor open the file and find a corresponding setting
sudo nano /etc/pam.d/common-password
OR
sudo vi /etc/pam.d/system-auth
Parameters
- Retry: It defines the number of times the user can enter an incorrect password
- Minlen: The minimum length every password should have
- Difok: To check the number of characters reused in the current password when compared to a previous password
- Dcredit: It indicates the numerals you need to have in your password
- Ucredit: The defines the number of uppercase characters
- Lcredit: The number of lowercase characters
Restrict SSH Access – Don't want to access a server remotely
To limit the number of connections to the server based on the group users are categorized into.
Create a group of users called sshusers:
sudo groupadd sshusers.
Add your username against the group’s name using the command:
sudo gpasswd -a sshusers
To check who has been added in various groups with username:
groups <username>
At the end of your configuration file /etc/ssh/sshd_config, add the following line:
AllowGroups sshusers
Restart the SSH server
sudo service ssh restart
OR
sudo systemctl restart sshd
A user who does not belong to a specific group can be denied access to the server over SSH. Their passwords may be entered correctly, but they will not be given access. This reduces the chance of people hacking the server through brute force attacks.
