Server Security: The High Cost of Cheap Shared Hosts
When you’re building your Shopify site, there are dozens of choices can add up to a site that functions flawlessly or one that needs to be rescued regularly.
As you consider your options in choosing cloud hosting, I want to do everything in my power to warn you away from cheap shared hosting. Sure, it looks like a steal when you look at costs alone, but at every turn, shared hosting has the potential to compromise the stability of your site.
Please save yourself the nightmare of dealing with the inherent shortcomings of shared servers and choose a reputable SaaS or VPS (Virtual Private Server or bare metal server) instead.
Shared vs. VPS
Once upon a time, shared servers had a good and noble purpose. For an affordable rate, your account could share space with others, and everyone could get along in peace.
As technology improved, sharing became much tidier. Instead of hundreds or thousands of accounts crammed into a single large server, each account received a dedicated percentage of the server space. On a present-day VPS, if you pay for 10% of a server, you get 10% of the processor and 10% of the memory. Guaranteed.
As websites increased in size and popularity, many site owners moved to the stability offered by VPS hosting, but shared servers are still in use today.
It’s a gamble for sure, since you have no idea what other accounts are sharing the server with you. If your neighbors’ sites are average or small in size, you probably won’t have many problems, but all it takes is one huge site for trouble to emerge.
Since accounts on shared servers have weaker boundaries, a big website can hog all of the server’s resources, slowing down all of the other websites and potentially costing the owners sales and customers.
Low Prices Are No Bargain
Given all of the dangers of shared sites, especially given the more secure options, why do people still choose shared sites? Simple. They’re dirt cheap.
When you’re just starting out and looking for every possible way to save money, shared servers can seem like a gift. You could pay as little as $8 a month for a shared server, while a SaaS site could cost $40-$200 a month, depending on how much space you would need.
Overloaded and Overcrowded
In order to offer rock-bottom pricing, the hosting companies put thousands, or even hundreds of thousands, of accounts on one physical server. There’s no way that many accounts can function effectively or optimally in that environment.
A slowdown of any kind impacts every single app that lives on that server, but it affects them differently, depending on their function. Here’s how a malfunction of a shared server would impact the three different types of Shopify apps used today:
Automatic processor apps run in the background of your site and perform basic tasks like collecting data to build a report. Since they can run during off-peak times, these apps aren’t significantly impacted by slowdowns. Even if their jobs take five minutes longer during an overload, no one knows, so sales and performance aren’t impacted.
Backend apps are visible to you and anyone who has access to the admin panel, which might be your team or staff. Slowdowns for certain tasks might be inconvenient, but if your staff understands the financial trade-off, then it might be worth it for you. If the problem is so large that the app won’t work effectively or your staff isn’t able to get the right info to customers in a timely manner, then you’ve got real problems.
Frontend apps interface directly with customers, so if you’re having a slowdown here, it’s a crisis. A few years ago, researchers discovered that "one in four [American consumers] abandons surfing to a website if its page takes longer than four seconds to load."
That means that if your neighbor on a shared site suddenly has a huge spike in activity, your site could hit a slowdown that’s beyond your control, and you could be shedding potential customers who don’t want to wade through it.
But that’s not all. The same lack of boundaries that allow a huge website to suck up all the space on the server can compromise your site’s safety.
In this very real scenario, if a hacker can get into one site and gain access to the server’s admin account, they suddenly have access for every single site that’s on the server.
Here are some examples of chaos that this type of security breach can wreak on your site.
Hackers can gain access to your entire store front. Imagine what would happen if someone logged in as you and had your dashboard at their fingertips, changing settings on everything from for shipping, automatic ordering, communication, and more.
Even though information like credit card data is still safe with Shopify, your customer data is not, which could mean that you’d become a spam gateway.
Hackers are mainly interested in grabbing data or commandeering a server so they can attack more servers. As they gobble up the server’s resources, all of the other sites on the server will experience slowdowns, resulting in unhappy customers and lost revenue.
All of these scenarios are frightening enough for a standard website, but for an ecommerce website, any one of these security issues can blow a hole in your growth and revenue.
It Only Takes One Problem
This is just the tip of the iceberg when it comes to horrible scenarios with shared servers. While any of these problems can leave you with days of extra work and frustration, it only takes one small problem to lose all of the savings of using a shared server.
It’s not worth it.
Even if you’re at the stage in your business where $200 per month seems like a lot of overhead, please don’t jeopardize your company’s reputation and power by opening yourself up to these entirely avoidable problems.
Do your research and find a web hosting service that will take care of you. If you need help, please check out my article on app costs and look at the rates and details on services I’ve posted there.
How Private Shopify Apps Can Increase Your Store Sales
Signup to learn how Private Shopify Apps can benefit your Shopify store, how they work from a non-technical perspective, and over a dozen examples of what private apps can do.