How Web Hosts Prey on Beginners

August 28, 2011

I was recently reading Popular Science (which I get a lot out of) when I ran across an ad for a major, well-known Web hosting company. Obviously the company focuses on cheap hosting—the company’s plans start at $5 (US) per month, but a few things in the ad caught my eye. In particular, the ad reminded me of how many Web hosting companies, particularly those that provide cheap hosting, prey on the ignorance of beginning Web developers. Let’s look at some particulars…

What really struck me first, is that the hosting company claims that they support “ASP, .NET, AJAX, LINQ, PHP5, PERL, and SSL”. I’m okay with most of that, but Ajax? The hosting company supports Ajax? Since Ajax is really, by definition, a Web browser thing, I do wonder how a hosting plan supports or doesn’t support it. You pretty much might as well claim to support JavaScript, HTML, and CSS. Yes, Ajax requires a server-side backend (i.e., those server-side tools already listed), but claiming to support Ajax is completely disingenuous. It also goes towards the bigger problem of preying on the ignorance of beginning developers. I can just imagine someone try to select a hosting company and ruling out good alternatives because those other companies don’t explicitly state that they support Ajax. Oy! This misleading line piqued my curiosity, so I looked over the ad in more detail.

Next, the company claims “double security”, because your Web site will be hosted in two locations in the data center. First of all, security isn’t a quantifiable thing, which can be doubled or halved. Frankly, if you’re going to “double” security, then why not just “triple” it? Or maybe I want my hosting to have “quadruple security”! Second, suggesting that a site is at all more secure because it’s hosted in multiple locations of the same data center (from what I can tell, it is the same physical building), is ridiculous for two reasons:

  1. The most common security failures come from the network: from other computers on the Internet taking advantage of security holes in a site or server. If the same site is on two servers, and the site (or the underlying OS or any software on the server) is the same on both, then the amount of security is not increased at all.
  2. If you’re worried about internal security—people having physical access to the machine, then undoubtedly the same people would have access to both machines.

“Double security”? Ha!

The company’s ad also claims to have “1,000 in-house developers”. Without further consideration, I think we can all agree that’s BS. In fact, I just checked the corresponding site online, and there it says “over 1,000 in-house developers”. Because just 1,000 wasn’t enough… How many companies have over 1,000 employees?

Those three marketing gimmicks were specific to this particular company and ad, but the ad also included common things that many cheap hosting companies do to lure in beginner developers. And by that I mean they present overwhelming, impractical hosting plan specs at a very cheap price. In this particular example, a hosting plan comes with 500 email addresses, 150GB of disk space, and unlimited traffic (this is the mid-grade plan: a whopping $7/month). Now unlimited traffic is all well and good, but 500 email addresses? As a tip to those just starting out: if your site really needs 500 email addresses, you’re going to want better hosting than what you get for less than $10/month. And 150GB is nice, but again, if you have that kind of need, you probably need better hosting overall.

And this is where Web hosts really prey on beginners that don’t know any better (and I was certainly there once myself): cheap hosting companies offer big, shiny numbers, which are quantifiable and nice, but obscure the bigger problems of overall security, customer support, and server performance. As I wrote in a forum posting about Web hosting recommendations, you have to think about the real economic picture:

Let’s say the cost of physically buying a server, putting it online, and maintaining it (i.e., what the hosting company covers, plus a profit) costs X. And let’s say X is $500/month, for the sake of argument. If I’m paying $50/month, then there are probably X/50 clients on the server, or 10. If you’re paying $5/month, then there are X/5 or 100 clients on that server. That means 10 times the people/sites using the same resources, the same bandwidth, and so forth. That’s got to have an effect on performance. More importantly, that means 100 clients whose code could be introducing security holes that undermine the security of your site, too.

Now I’m not saying that you need to go out and spend $50/month like I am, or even $20/month, what I’m saying is that you get what you pay for. Cheap hosting companies sell plans by offering you things you don’t need—495 more email addresses than necessary, 110GB of space more than you need—at the cost of things that are harder to quantify and are way more important: security, customer service, and performance.

Finally, another thing cheap hosting companies offer is free domain name registration. You absolutely don’t want to do this. If you decide to switch hosting later on, it may be anywhere from expensive and difficult to outright impossible for you to switch that domain name. This means that you could, if you’re lucky, create a popular site and therefore outgrow the cheap hosting, only to discover that you’ll need to change the domain name when you move to a better hosting company and plan (this is a lot like how you used to have to stay with a bad mobile phone company in the US because you’d lose your cell number if you switched). No matter how cheap you are, and I am cheap, spending the $10/year it costs to register your own domain name is definitely the way to go.