The only thing that secure SSL email does is encrypt the messages as they transfer on the web. That makes it more difficult to intercept messages in transit.
The web server is only as secure as your hosting company. A web server may host hundreds of websites. I've seen as many as 4,000 web sites on a single server at a cheap hosting company.
There are multiple sets of passwords that should be complex in order to be secure.
1. The web server level, which you do not have access to if you are on a shared hosting account. The mail server may be on a different web server than your websites.
2. The hosting account level, which is most likely cPanel if you are on a Linux server.
3. The email accounts. The hosting account usually gives you access to the email accounts and passwords.
4. The web site's admin login. This depends upon the web site software you are using.
If a hacker breaks in at the server level, none of the sites on the server are secure. Make sure your hosting company uses a firewall and someone monitors that firewall. Most firewalls will automatically block IP addresses that attempt to hack passwords at the server level.
Most hacks occur at the web site level. Hackers use bots to probe for vulnerable scripts on a web site. That's why your web site's log files frequently show thousands of requests for non-existent scripts per month. From my experience, the majority of probes originate in China in the cities where colleges are located.
You can harden servers, accounts, and web sites, which makes it more difficult for hackers to get in, but there is always some new vulnerability that a hacker discovers that give them a backdoor entrance to millions of sites. Make sure to keep all your web site software updated.
If you are concerned about emails falling into the wrong hands, keep in mind that any email that passes through an ISP or freebie email account is likely recorded. GMail, Hotmail, Yahoo, your ISP, and others likely have copies of every message you have ever sent or have received. While some people deny this, I was involved in a court case (not as the defendant) where the prosecutors presented a large stack of emails going back over 5 years. They did not retrieve any of the emails from the defendants' PCs. Several of the PCs had recently been replaced. They also would not reveal where or how they obtained them. Yes, Big Brother is watching.
Your PC also stores copies of all your messages unless you "compact" the email after it has been deleted. A deleted file is simply flagged so it does not display. Compacting the files removes all the deleted messages.
Bottom line: Nothing on the web is completely secure. Always keep that in mind.
Security of webhosting
Aucun commentaire:
Enregistrer un commentaire