As we continue to grow our business and more consumers start to become aware of us, we’ve been asked the same question a few times recently: “How can you offer low pricing while maintaining quality?”, so we thought we’d take some time to explain our pricing and infrastructure here.
We want to start by reaffirming stability and customer satisfaction are always at the heart of everything we do, we’d never sacrifice either one to allow for cheaper product pricing. We understand your website is one of the most important assets to your business. So whilst enabling you to secure web hosting from 99p a month is, of course, a great achievement and headline for us, if you signed up only to find your website becomes intermittently unavailable, slow to load and our support unresponsive we will lose your business and receive a (justified) negative reputation within days.
One perceived reason for our low pricing seems to be an idea that we use underpowered and/or non-professional hardware to host our customers content, devices such as personal specification machines running from a residential location etc. The opposite is true of Hugoton Hosting. We host all of our web infrastructure within Amazons EC2 cloud. Each of our nodes (we currently operate nodes within Europe – Ireland and the USA – North Virginia) consist of an Amazon EC2 server (plus EBS volume & elastic IP), a WHM/cPanel license, a CloudLinux license, and a Softacolous premium license. We monitor the server load calculation closely using automated monitoring software (namely Munin, Monit, and AWS CloudWatch) to aid our decision on when to launch new nodes once one reaches capacity, we never oversell or overload our nodes.
Migrating to EC2 was a strategic decision that we took a little over two years ago now for a number of reasons, the primary ones being; uptime & resiliency, security and the ease of launching new instances across the globe (scalability). Amazon allows us to create storage (EBS) volumes that attach to our nodes which can vary in size depending on our needs. So for nodes with more content heavy customers, we can have a larger sized EBS volume attached, and on a less content heavy node we can have a smaller sized EBS volume. This approach allows us to maintain tight control over our costs by not paying to provision under-utilized disk space. In addition, committing to a long-term contract with Amazon decreases the cost of EC2 instances – Hugoton Hosting recently signed a 3-year contract with Amazon for all of our current instances.
Another perceived reason for low pricing being possible is that we are a ‘short-term’ or ‘summer’ hosting company. In short, such a host appears and starts to offer low pricing for web hosting in the form of limited time offers etc. Only to disappear completely a few weeks or months later leaving their clients websites down and the clients themselves frustrated & out of pocket. Hugoton Hosting was established in 2005 and has been hosting, designing and developing websites ever since – we’re not going anywhere.
One final perception is that we offer little or no support, so once a client signs up for services they are left with a potentially broken, or at the very least challenging to navigate, hosting platform that they struggle to use. Again, contrary to the perception, Hugoton Hosting uses the latest version of WHM & cPanel to host our customers’ websites & e-mail services. We also use WHMCS to ensure billing and support tickets are managed appropriately, have a full knowledgebase to help along the way and offer 24/7 support via e-mail and live chat (plus telephone support for specific premium packages).
To conclude while there are a number of hosts out there that, unfortunately, have one goal – to provide super low priced web hosting, make as much money as possible in a short space of time then drop offline soon afterward – Hugoton Hosting is here to stay for many more years to come. We are able to offer low pricing due to the volume of sales we process and maintaining our own, carefully cost controlled, infrastructure.
If you currently own or will soon be owning a WordPress site you will no doubt have considered security at some stage. Our guide will help you secure your WordPress site so you can rest assured your content is safe!
Install Two Factor Authentication (2FA) for site admins
2FA requires all admin users to log in with their username and password (like normal) at first but then asks for a secondary factor – we recommend using the one-time passcode option for this secondary factor. Google Authenticator is a fantastic (free) mobile app for this, providing rotating codes every 30 seconds.
We highly recommend Mini-Oranges 2FA plugin for WordPress to get started with 2FA for free.
Once the plugin is installed simply install the 2FA code generator app of your choice on your mobile device(s) – as we mentioned earlier, we recommend Google Authenticator – then scan the barcode the plugin generates. Don’t forget to store the backup codes safely in case you ever lose your mobile device!
Don’t use a simple username
It’s estimated that over 70% of WordPress sites have a user with “Admin” or “Administrator” as the username, don’t give the bad guys a challenge of only guessing your password, set an obscure username also! If you’re worried about remembering the obscure username try using a personal e-mail address as your username (one that’s not associated with your website).
Rename your login and admin URLs
Much like the previous point of websites using a common username for administration, an even higher number use the default “/wp-admin” directory and “wp-login.php” page to login to administer their WordPress sites.
Changing these URLs is super easy. When hackers know the direct URL of your login page, they can try to brute force their way in (try multiple random login details hundreds of times per minute).
Hopefully, by this point, you have already swapped usernames for email IDs and installed 2FA. Now you should also replace the login URL and get rid of 99% of direct brute force attacks.
To do this we recommend using the iThemes Security (formerly Better WP Security) plugin.
Change your passwords regularly
This one is applicable to all websites & applications you use as much as it is to WordPress. Changing your password regularly dramatically reduces the change of your login being compromised. Consider using a password manager such as LastPass or one built into your web browser to generate secure passwords also.
Use SSL across your WordPress site
We covered this in our Avoid “Not Secure” Message On Your Website blog post earlier this month. Securing the communication from your web browser to the web servers hosting your website is critical to maintaining a secure WordPress website. Don’t forget Hugoton Hosting offers completely free SSL certificates for all websites hosted with us!
Logout Admins & Users after a certain length of time
Admins and website users leaving themselves logged in accidentally can leave a gaping hole in the security of your website. We recommend installing the free Inactive Logout plugin for WordPress to easily log out administrators and users after the period of time you choose.
Set strong passwords for your database user
When setting up WordPress be sure to use a strong password for the database user. You can, of course, go back and change this also via your web hosting providers control panel, then updating your wp-config.php file with the new password afterward. Use a free tool such as Passwords Generator to make sure your DB password is ultra strong.
Monitor your audit logs
Keeping a close eye out for anything suspicious is important, and can be easily accomplished in WordPress using the WP Security Audit Log plugin. The free version is more then adequate for most websites. If you want more features such as automatic e-mail alerts you might want to consider one of their premium plans.
Choose a web host with automated protection
As well as making changes and installing plugins within your WordPress instance, choosing a web host with automatic protection is important. Hugoton Hosting provides automated brute force login protection as standard for all WordPress websites, blocking the attackers IP address in seconds.
Much like updates to an Operating System, WordPress core updates and WordPress plugin updates should be installed as quickly as possible. WordPress makes it extremely easy to do this and will prompt any administrative user to do so once they log in. Please don’t ignore these update messages, they could save you a huge amount of time recovering your site from a security breach by preventing an attack in the first place.
Backup, backup, backup
You can take all of the above steps to secure your WordPress installation, but in the event, the worst happens and something gains access to your website you must be in a position to be able to restore from a recent backup. When setting up backups ensure you’re backing up to an off-site location (don’t back up to the same server your website is hosted on) and please test a restore to be sure what you’re backing up is absolutely everything you need should your site be deleted.
A common blunder website owners make is setup backups to an off-site location, only to realize they weren’t backing up everything they needed to fully restore their site when the time comes. We recommend using one of the below plugins to manage backing up your WordPress site:
- BackupBuddy is our recommended premium WordPress backup plugin ($80 one time fee per site). It allows you to easily schedule daily, weekly, or monthly backups to a variety of destinations including e-mail.
- UpdraftPlus is our recommended free WordPress backup plugin. It allows you to create a complete backup of your WordPress site and store it on the cloud or download to your computer on demand or on a schedule.
Your website content is one of the most single valuable assets your company owns, take 30 minutes today securing your WordPress website, you won’t regret it!
If you’ve read our “What is website caching and why should you use it?” blog post you will remember that we mentioned using a Content Delivery Network (CDN) to improve the performance of your website even more after you finished configuring caching.
What is a CDN?
CDNs have continued to grow in popularity over recent years, as the loading speed of a website is one of the most influential factors for a visitor to remain on your site. Think about it, if you visit a website and the content loads slowly with images appearing a chunk at a time you’re soon going to get frustrated and visit another site where you don’t have to wait to see what you’re looking for. The use of a CDN can ensure your content is ready whenever your visitors want to view it, without any delay.
So, is a CDN the same as a web host?
In short no, they are two separate things. A CDN does not host content in the same way a web host does and therefore a CDN cannot replace the need for web hosting. However, a CDN does help by caching content at the edge of the network (internet) which dramatically improves website performance & loading times.
How does a CDN work?
As mentioned earlier, a CDN is a distributed set of servers across the globe working together to serve content quickly to your users from a location geographically close to them, thus reducing latency (the delay in content being sent from its source to its destination). To ensure content is served reliably and in the fastest way possible CDN providers place their servers at various exchange points that exist between Internet Service Providers (ISPs), these Internet Exchange Points (IXPs) are the primary locations where the ISPs interconnect with each other. By hosting their CDN servers in these geographically strategic spaces the CDN provider can ensure a consistently high speed of data/content delivery.
Other than decreasing load times, are there any other benefits of using a CDN?
Yes, as well as increasing the speed of your website using a CDN can also:
- Reduce bandwidth costs – Through the use of a CDN the data needed to be transferred from your web hosting server is reduced as the content is served from the CDN
- Increase content availability and redundancy – Owing to the distributed nature of a CDN, it can withstand higher peaks of traffic than a typical web host can, allowing it to stay online and available during heavy visit periods. A CDN is also much more diverse in its infrastructure than most web hosting providers so a failure of one (or even multiple) parts of the CDNs network often do not cause any disruption to your visitors.
- Force secure content delivery (SSL) – Enforcing content to be served over SSL is an option on most mainstream CDNs so you can be sure your content is being served securely
What CDN should I use?
As with most technologies, there are a large number of CDN providers out there. The below 2 are what we consider to be the very best of the bunch for both pricing and feature set:
Does Hugoton Hosting use a CDN?
Absolutely! To ensure the super fast delivery of our website we have used StackPath as our CDN since July 2018. We also have a number of our customers using CDNs in conjunction with our website hosting packages to deliver their websites from e-commerce to discussion forums.
After caching the content of your website, a CDN is the next step to ensuring super fast content delivery of your website to your visitors. Make sure you choose a fast & reliable web hosting provider to start with, then deliver your content over a CDN to see (well, imagine seeing at least) your visitors smile as your website pops up in milliseconds before them!
Web caching is an amazing technology that every website should be using in one form or another, at least that’s what we think here at Hugoton Hosting! Web caching speeds up site loading times to end users which not only increased user satisfaction, as let’s face it – who likes to wait for a page to load?, but can also lead to increased SEO scores.
Faster loading times can also lead to better conversions for your e-commerce website, which then increases your income from online sales! In this blog post, we will cover exactly what web caching is and of course how you can implement caching on your WordPress site within minutes.
What Is Caching?
Caching is a complex technology with many vendors competing in its space, in its simplest form it reduces the content size of your website allowing it to load quicker within your visitors’ browser.
Your website is requested hundreds of times a day (hopefully even thousands!), every time a request happens the web server you host on has to generate all of the page content from scratch (remember this includes headers, footers, and menus as well as the main page content). However, in 99% of these page requests the content that is generated is exactly the same. Wouldn’t it be great to relieve your web server from having to perform this ‘ground up’ generation of page content on every request …. hello caching.
How Does It Work?
Caching takes a ‘snapshot’ of the page and delivers this snapshot (usually from RAM memory on the web host versus disk) instead of the generated page content mentioned above for requests of the same nature. As you can imagine, this is far quicker and therefore your visitor sees your page content load in a fraction of the time it takes without caching being implemented.
What Do I Do When I Add Or Change Content?
Don’t worry, caching plugins today take notice when you add, remove or change content on your website and automatically create a new cache version of the page to ensure the next visitors see your latest edits.
Is It Really Worth It?
Absolutely, yes. A website will typically load 150-200% faster after caching is installed! There are 2 distinct types of caching to achieve this result, browser caching and server-side caching, we’ll cover those later in this blog post. A great website to use to check the effectiveness of installing caching is Pingdom Speed Test – we’re rated an “A” there (https://tools.pingdom.com/#!/c9tvGM/https://hugotonhosting.co.uk) as we use caching and other forms of page loading optimisation such as CDN (lookout for more blog posts on those soon).
Browser caching ‘tells’ the browser which files to store locally so that next time the visitor loads a page on your website their browser uses its local copy of the aforementioned dependency files. Saving bandwidth and time!
Hugoton Hosting uses browser caching, so when you first landed here your browser will have downloaded a number of dependencies, when you refresh this page or take a look around our site however, your browser will use its local copy.
Server Side Caching
We spoke about server-side caching earlier, and how content is served from a ‘snapshot’ held in RAM. There are a couple of types of server-side caching, full page and object. The full-page caching option is the way to go here, object caching only caches certain components of your site such as the headers or footers. For optimal performance always opt for full page caching.
Okay, So How Do I Start Caching?
In this blog post, we focus on how to cache your website content via WordPress. Depending on your web hosting provider it may be possible to cache none WordPress websites also, if you choose Hugoton Hosting as your web host we can help you out with this for sure!
WordPress Cache Plugins
In our opinion the below 3 plugins are the best out there for caching your WordPress content, while there are hundreds more we believe the below providers have delivered caching capabilities in the best & most efficient way via their plugins:
- Swift Performance – $29.99 per year – https://swteplugins.com/product/swift-performance/
- WP Rocket – $39 per year – https://wp-rocket.me
- W3 Total Cache – free – https://wordpress.org/plugins/w3-total-cache/
I’ve Installed Caching What’s Next?
If you’ve installed one of the caching plugins from above then you will have no doubt noticed a performance boost when loading your website, nice work! If you want to see what else you can do to increase the loading time of your website even more then you should consider serving your content via a Content Delivery Network (CDN) and using content compression to reduce the size of those ‘dependency’ resources we mentioned earlier. We will have blog posts about both of these technologies very soon, so be sure to check back for those!
Caching speeds up your website loading times, with no detrimental effects. This can, in turn, increase user satisfaction and boost sales … it’s a no-brainer!
All of our web hosting packages at Hugoton Hosting support caching, unlike some mainstream providers (like GoDaddy) who actually block WordPress caching plugins from being installed.
If you aren’t already heading off to start caching your website get to it 😊
Visiting a website to see “Not Secure” in the address bar is the worst thing you could hope for as a website owner. Since late 2017 Google Chrome, and all other mainstream browsers such as Firefox, Internet Explorer/Edge, Safari and Opera have been warning visitors that the website they are visiting does not have a valid SSL certificate installed.
Websites are served over a protocol called HTTP, which stands for “hypertext transfer protocol” – this is a standard way your computer communicates with the website you’re viewing. A secure site uses a security certificate called SSL, which changes the URL to HTTPS. This added security protects your computer’s communications so that it’s much harder for other people to “listen in” and figure out what you’re doing or get the information you’re sending online.
Having a “Not Secure” message appear when users visit your website can quickly raise users’ concerns about the non-secure nature of your site or forms. Anyone concerned about protecting their privacy and information online would likely be leery to input information on your website, including, of course, making a purchase. Additionally, a “not secure” warning could lead users to believe your site is hacked or, rightfully, view your site as vulnerable. Either way, the user experience will be affected. Another way your site could be impacted is in its rankings – Google wants site owners to maintain a secure certificate and views HTTPS as a ranking factor.
With Hugoton Hosting you can host your website within minutes and be sure that no “Not Secure” message will be displayed thanks to our free SSL offering that comes with every single web hosting package that we offer.
Just sign up, then activate your completely free SSL within your Control Panel once logged in. With only two clicks your entire website will be secure, and every visitor will see a “Secure” message in their address bar so they can be confident their personal information is protected while on your website.
Take a look at our Web Hosting packages today and host your secured site with us!
Video marketing can be a challenge for web hosting providers, but we think we’ve cracked it with our brand new video.
Over the past week, we’ve been working with a fantastic creative artist to produce the video above which showcases all of our offerings from website hosting to web design services to VPS hosting.
We’d love to hear your thoughts! … Don’t forget you can get 20% off all our website hosting packages by using coupon code HUGOTONVIDEO for a limited time!