Web Hosting and Hacker Attacks
The term web-hosting means the storage of a website on a server's hard drive. A website is basically a folder which contains various files and subfolders. By copying it to a Web Server, we are actually making it available to everyone on the Internet. All it takes to retrieve the contents of this folder, is a browser that will take various files and will combine them into a human-readable web page.
A server consists of the hardware, which is quite similar to the hardware of a Personal Computer, the Operating System -which is the piece of software that manages computer's resources and facilitates it's communication with the "outside world", the Services -which determine and regulate all the individual tasks that the server is carrying out, and some other programs such as antivirus, firewall etc.
Although web hosting at first might sound as a simple and easy task, turns out that not only is not, but also carries a lot of complexity and requires the skills of a specialist called "Systems Administrator". That is of course if we don't want to turn our Server into a playground for hackers!
The Systems Administrator (or SysAdmin), will not only choose the correct software bundle (operating system, services and programs), but occasionally might also suggest hardware modifications that he/she thinks are necessary for the smooth operation of the server.
Once the server is ready, the proper software is installed, and passed all the security audits, it goes directly into production. If it's a "Web Server" we create the users and upload the websites that it will host. Once a website is online, it exposes the IP address of it's hosting server, and a non-stop series of hacker attacks begins. Hackers usually employ mass attack programs (also known as bots) to locate a server with a certain voulnerability, and then proceed to hacking that machine. Among their goal usually is to "deface" the hosted websites, or to steal information from their database.
The most important and difficult job of a SysAdmin is to monitor these attacks, find software vulnerabilities and install the appropriate software updates and patches, that will eliminate these vulnerabilities.
A very popular attack is the DoS (Denial of Service). It was trending some years ago, when most machines were not software-ready to repell such attacks.
Every server has a certain amount of resources that can serve so many requests per minute. A DoS attack creates numerous requests from completely different IP addresses located all around the world, that a server cannot handle and just "blocks". This does not usually impose a permanent damage to the server or the hosted websites, but once it becomes "targeted" is a matter of minutes or even seconds before it goes "down".
The repelling of various attacks is a never ending task and nowadays rather automated for servers that host mainstream websites. The hard part begins when we host websites of "special interest" such as political or religious sites which except from their many fans will also attract a good number of opponents!
In that case is very much anticipated an organized hacking attack often by one or more -and often quite competent- attackers, that can really make SysAdmin's life very difficult.