For the Virtual Domain Hosts, We hope you’ve taken our advice and chosen to place your system on a third-party server. There are so many ISPs and specialized companies that offer Web hosting services,
it would seem a very simple task to find the right one for you. Unfortunately, it’s not so easy. However,
we have found it matters little whether your host is in the same city or even the same state (provided you use a separate service for dial-up).
Comparing Virtual Domain Hosts—What to Ask
So, how do you know which virtual host is right for you? Well, you will need some information to make that decision. In fact, we assume that you don’t even know the questions to ask, much less the answers to them. In order to speed you through the process,
we’ve put together a basic list of your potential needs and have incorporated them in a checklist format for sending out a questionnaire via e-mail.
Here are some questions that you may want to ask each potential ISP (your own priorities may differ):
Do you offer virtual hosting of my domain name?
Obviously, this is why you’re looking in the first place. However, we’ve run into providers that have tried to talk us out of using our own domain, and there is simply no good reason for this.
The biggest reason providers would try to do this is that it gives them control over how you handle your online business.
If you perform business under a provider’s domain, the provider has the control. For instance, if you keep your pages at www.provider.com/~yourname/, you won’t be able to move to another server without changing your address. In short, don’t fall for this ploy.
Another situation occurs when the provider’s WWW (HTTPD) server is not sophisticated enough to properly handle aliasing. The server should be set up so that it recognizes your domain as something unique, and not just an alias of its own domain name.
The address www.yourname.com should lead directly to your own index (home) page. If your provider candidate says that your address will have to look like www.yourname.com/yourname, or www.yourname.com/home.htm, you’ll want to keep looking.
Do you provide a high-speed, redundant connection to the Internet?
There are many different connection possibilities to the Internet. It’s possible to host a WWW system on a computer that’s hooked up to the Net through a modem, but, of course, it’s very slow. For commercial purposes, you’ll want a T1 or faster connection.
Most modems access the Internet at a rate of at least 14.4Kbps (fourteen point four thousand bits per second). A single-channel ISDN line connects at 64Kbps, and there are other types of connections that range in speed from 56Kbps on up.
A full T1 connects to the Net at a rate of 1.54Mbps (one point five four million bits per second). In other words, it can access the Net 100 times faster than a 14.4Kbps modem, or it can transfer enough information to keep 100 14.4 modems working at full speed (as in the case when 100 people are accessing the system at one time).
We say “full” T1 because it is possible to have a T1 connection, but only use (and pay for) part of the possible bandwidth. This is called a fractional T1 (or FT1). If a provider says they use a T1, always make sure they are running a full T1.
Your next option is a T3, which transfers at a rate of more than 44Mbps. (Don’t get into the habit of thinking that a T3 is three times faster than a T1—it’s actually nearly 30 times faster.)
The next evolution in high-speed data transfer are optical connections (as in fiber-optics) that start at about the same speed as the T1, and may soon begin offering speeds that will make the T1 look like two tin cans and a piece of string. It’s good that you know things will be getting faster, but just keep in mind for now that a full T1 is minimal.
Do you provide access logs?
Access logs contain information on your site hits: who accessed your system and when, any errors that occurred, and so on. They are kept in a file on the server. There are three main ways hosts offer access logs to clients.
\Online access log summaries are very easy to use and generally offer the most graphical interface to view your access logs. Many hosts send their clients the summaries of their access logs via e-mail (on a weekly or monthly basis). While these summaries certainly involve the least amount of your time, they are often quite limited in the information they provide.
Some hosts only offer access to their raw logs, which look like a huge mess unless you use software to decipher them. This is by far the most difficult way to view your hit information, but it can also be the most informative. (For more information on access logs, see Chapter 25, “Maintaining Your System.”😉
Do you have a secure commerce server?
A commerce server uses encryption methods to transfer secure information (such as a credit card number) over the Internet. It literally puts your information in a very hard-to-break code, so that it can be sent over the network, away from peeping eyes.
Even though current encryption methods create codes that are so hard to break the U.S. Department of Defense and National Security Administration regulate them, there’s no way to make an unbreakable code. This has been a big issue on the Net.
The problem stems from the fact that the Net is a public network. Remember in the first chapter of this book, where we talked about how information was transferred over a network?
We said that the machines are given addresses, and that they ignored messages that weren’t addressed to them.
Well, for the most part, you can consider that everything you send over the Net is available to everyone else. If they wanted to, people could read your e-mail, or anything else you send or receive.
The only way to secure it is to encrypt the files in a way that makes the files useless gibberish to anyone who doesn’t have the code key.
Commerce servers use what is called Public Key Encryption. This is a method whereby an encryption key is sent out as public information. This key enables people to write to you in a code that only you can decrypt.
It also allows for ways to verify who sent the file/message. It’s way beyond the scope of this book to get any further than this into the details of encryption methods (there are good books on the subject), so suffice it to say that it gets very elaborate, and is relatively secure.
We say relatively secure, because even with all the hubbub you may have heard in respect to sending your credit card information in cyberspace, it’s probably the safest way to use your credit card. Think about it. Every time you use your credit card, you’re giving people access to your number.
Whether you’re ordering something over the phone, giving your card to a restaurant server, or handing it to a cashier, this person can copy the number and use it. People can even dig through the garbage for your imprinted carbon paper and get the number there.
So what we’re really talking about is perceived security. In reality, a good encryption system that is worthy of national security (as most are) is a heck of a lot better than entrusting your card number to a telephone operator.
Unfortunately, there has been so much press about online security that people are scared to use their credit cards for purchasing. To help overcome this, you’ll want to offer ordering options (phone, FAX and mail), and you’ll want to use a smooth, highly user-friendly commerce server that sets people’s minds at ease.
Netscape has made security a main focus, and the Netscape browser has security functions built in (it even warns you when a transfer is about to be made to an unsecured server).
Since Netscape is a name recognized by most users, it also plays a big role in perceived security—a potential customer might feel better using a Netscape Enterprise server than they would using “Billy Joe Bob’s secure server.”
This is why we specifically requested a Netscape Commerce Server on our e-mail questionnaire, although we give a prospective provider the opportunity to offer an alternative.
Is your server hardware on site?
Some companies selling Web space have no actual hardware on site. They act as resellers for the server space on other people’s systems and serve as middlemen for technical problems and setup.
There is absolutely no reason to use this type of service; they often charge more than an on-site service, and can end up being a pain when you have a problem. After all, when looking for efficiency, involving more middlemen seldom does the trick.
How much storage space do you provide?
A big misconception when it comes to Web sites is storage space needed. People often overestimate the amount of space their system will need.
Many providers will package storage at in sizes of 5, 10, 20 megabytes on up. In reality, most systems will use less than a megabyte of storage space. (We’ve produced highly graphical WWW systems that take up less than 250KB total.)
Unless you are planning a system with hundreds of pages, or plan to post very large files online, 5MB should be ample space for most commercial sites (unless people are uploading information that you plan to store). A good provider will tell you this.
How do you provide for CGI services?
CGI stands for Common Gateway Interface—and also, Computer Graphics Interface, which we mention so that you’ll know that to some computer people, the term CGI might mean something else.
This is covered in more detail in Chapter 11, “Integrating HTML with CGI,”; but it’s important that we address it now, because you will almost definitely want to run CGI scripts.
CGI makes it possible to run an external application (or gateway) under a Web server. (Actually, it’s designed for other uses as well, but those are not our concern at this point.) A CGI-BIN is the place where the CGI scripts are held.
These scripts enable the WWW server and browser to run external programs, without the need to launch another application.
If one CGI script were able to do the same thing on every computer, scripting would be easy. Unfortunately, the CGI script relies on the operating system of the server, so a PERL (UNIX) script might look like garbage to a non-UNIX server, and so on. You’ll need to have a custom setup of your CGI scripts.
Most servers have CGI-BIN directories, which you are able to make use of. This is a good start, but not good enough. You should be able to have your own CGI-BIN so that you can run your own scripts (rather than adapting your system to work with the scripts that already reside on the system).
Furthermore, your provider should be willing to set up the CGI-BIN, and should also help you in writing the scripts. This stuff is a cake-walk for a decent programmer, and your provider should be willing to offer this service at little or no charge.
Do you provide e-mail boxes under my domain?
Since you can only register your domain name under a single server address, your ISP should be able to provide you with several e-mail addresses under your domain.
If you’ve surfed the WWW much, you may have come across pages that have an address like www.somename.com, but the webmaster’s address is something like email@example.com. This might occur if the person who owns the page has someone else acting as webmaster, but it’s more likely that the server hosting the Web site doesn’t have a mail server.
A virtual host should be able to set up multiple e-mail boxes for you, so that you can have e-mail for everyone working for the company,
as well as aliased mailboxes such as sales@, support@, webmaster@, and so on—even if you’re the only person in the company. Any provider who can’t do this is not the provider for you.
Furthermore, an e-mail address has eight characters before the @. There are, however, ways of aliasing this address, so as to allow for more than eight characters. In some cases, you might want to have an e-mail address like William.Shakespeare@domainname.com, rather than firstname.lastname@example.org. This won’t pose any problems to a service provider worth his/her salt.
Do you have an autoresponder e-mail system?
These are used to send automatic responses to people requesting information. For example, people wanting pricing information from you can simply e-mail price@your_company.com. They are then sent an automatic reply with the information.
Although we can set these up without the host’s help, we have found it much easier to go with a host who has already set up an autoresponder. Remember, no need to reinvent the wheel—you have more important things to concentrate on now.
Do you provide any mailing list services?
If you want to run a large discussion group, or send an electronic newsletter, you will need a mailing program. There are other options available to you (see Chapter 15, “Customer Service Online”), but it’s just so much easier to have that resource available to you, and there’s really no excuse for your ISP to not provide this service.
How do you handle file transfers?
You’ll need to have direct access to your HTML files, so that you can update them and fix errors immediately. Most providers are able to put the files in a secure directory, where you can access your pages via an FTP (File Transfer Protocol) client.
Obviously, these files should be secured by a password, so that only you can add, delete, or make changes. (Note that for the WWW to work, anyone must be able to read your files, but only you should be able to mess with them.) This is usually accomplished by having the WWW server mirror certain directories on the FTP server.
Some providers have firewalls set up between the directories where you place your files and the directories where they are stored for WWW retrieval.
A firewall is a protocol that protects one part of a network from another by controlling the access between the two parts. In some cases, there may be a time delay in posting the pages that you’ve changed. The provider may have a time lock that won’t post pages until the next day, and so on. This is rare, but you might run into it.
Sometimes, a provider has set up no protocol for using FTP to access your files on the WWW server, and says that you can just e-mail the files to them and they will post them.
Forget it! If the provider hasn’t made the arrangements to handle this automatically, they’re not the company you should be dealing with.
Another problem occurs when the provider uses your FTP directory as the WWW directory itself,
with no security measures to keep others from gaining access. In other words, your competition could easily access your directory and delete your pages—or put their own up!. Obviously, you don’t want this.
How do you provide technical support?
You want to be able to get on the telephone with a real person. If a provider tells you that its technical support only communicates by e-mail, forget them. While e-mail works great for some questions,
many problems require the back and forth communication that e-mail simply doesn’t provide (such as figuring out software problems). As a bonus, a few hosts now offer toll-free numbers for technical support.
Are there any discounts on setup fees?
If you already have your domain name, you will have to modify your information with InterNIC. If you do this yourself, many hosts will discount their set-up fees. They should be willing to do the same if you are registering your domain name yourself (that is, a new domain),
since the work involved on their part is identical.
By no means do you have to have e-mail boxes through your access provider
(the computer you dial up to access the WWW yourself).
Your mail server can be anywhere on the Internet, and as long as you have a decent dial-up provider,
you should never notice a difference. You might even ask for a discount,
since your dial-up provider will not be providing mail service (unless your access and WWW hosting provider are one and the same).
The Netscape Enterprise server is the newer release of the Secure Commerce server. However, it was not released prior to our writing this section of the book.
A T1 may not be fast enough if your service provider is using this line to service many accounts. This will be dealt with later in the chapter, when you test your server’s speed. Just keep in mind that anything less than a full T1 is probably not going to work well for you.