One of the most common concerns about virtual private servers (VPSs) is their security. Unfortunately, there’s no 100 percent fool proof, hack proof, indestructible means of hosting your website. However, there’s a broad spectrum of just how safe a server can be. VPSs are, by nature, virtual. There’s one single physical server that your host provides. That physical server could technically be damaged, stolen, manipulated and more—so the safety of your hosting really depends on the safety measures taken by the host.
As a VPS customer (or potential customer) you should know exactly what kind of safety measures surround the physical server as well as what’s being done to prevent viruses, hacks, etc. within the virtual setting. The good news is that, unlike basic shared hosting, you’re not sharing resources with anybody else. Yes, you and a few other clients are all using the same physical server in some capacity, but it’s been sectioned off into numerous virtual servers so you each have your own. That instantly boosts the safety factor well above what you could get with basic shared hosting.
Let’s focus on how safe that physical server is. It’s likely housed in a data center, and these facilities can have all types of safety measures in place (or not!). A good web host will have a solid data center situated in a secure region that isn’t prone to break-ins or natural disasters. Ask your web host where “your” physical server is located. They should legally tell you where it is; although they may not divulge many details (being too transparent can make their data centers and servers vulnerable to hackers).
In some instances, bigger web hosts may even offer tours of their data center. You can see for yourself how the racks are maintained or what kind of security is in place (CCTV? Officers? Is there around-the-clock surveillance?). However, never assume that a data center is where your server is actually held. There aren’t any rules your host has to follow. It’s possible your server is in a basement in a home in Tornado Alley. That’s why you always need to ask.
A boutique web host that’s mid-sized is your best bet for blending security with customer service. They’ll have the tech know-how and the funding to keep the physical server in a secure environment, but they’ll also be more likely to give you the service you deserve. Go with a tiny, “no-name” host that’s only been in business a few weeks, and you can’t be certain where your physical server is or if they’ll even be in business next week.
Keep in mind that physical servers are rarely targeted for attacks, especially if most of the host’s clients are small businesses, blogs, etc. The ones targeted for attack are likely military-related, linked to massive websites, financial websites, or other clients where the damage would be most intense. Still, it’s well within your right to ask about security measures surrounding physical servers and what the plan of action is if something goes wrong.