[OT] Self-host of website vs. farm-out to 3rd party

[JJCSR]

Does your company have a website (specifically with "shopping cart" activity)?    Do you host it yourself, or do you have someone else provide the hosting for you?   

 

I am curious to hear experiences from companies that have websites, and have "expertise" to pass along, regarding the hosting of those websites.    Do you do the hosting in-house?    How has this worked for you?    If you have a 3rd party providing the hosting resources, are you satisfied with their service?

 

If, in fact, you are providing your own hosting, what suggestions might you offer to insure maximum uptime, and most efficient handling of all transactions?

Thanks for any/all responses

Jim Cronin

Kittery Trading Post

 

[Charlie Noah]

Hi Jim,

As you may recall from our conversations, I've had my store with Intuit almost 2 years. I have been very unsatisfied with them and am moving to BigCommerce. They are more expensive, but have everything Intuit didn't have. So far I've been very happy with their software and especially their support. I've never tried hosting my store myself, and I really don't think I want that hassle.

Regards,
Charlie Noah

Tiny Bear's Wild Bird Store
"Everything For The Backyard Bird Enthusiast, Except For The Birds"
Info, Forum:  http://www.TinyBearMarketing.com
Store:            http://Stores.TinyBearMarketing.com
Toll Free:       1-855-TinyBear (855-846-9232)

--
You received this message because you are subscribed to
the "Pick and MultiValue Databases" group.
To post, email to: mvd...@googlegroups.com
To unsubscribe, email to: mvdbms+un...@googlegroups.com
For more options, visit http://groups.google.com/group/mvdbms

[Kevin King]

Hey Jim, there are a number of considerations but in my opinion it really comes down to the connectivity you need to the back end system.  On one hand, we host our own website here, but it has no e-commerce component.  The up side to this is that you get to control everything about the site.  The down side to this is that you get to control everything about the site, including machine administration, backup, etc.  Not entirely difficult, but definitely something to consider.

On the other side of this coin we sell a web portal for Prelude that is hosted by each individual customer.  We recommend that the solution be hosted internally because our solution makes real-time connections into Unidata to serve the Prelude information and it's much easier (and more efficient) if both sides of that communication are on the same side of the firewall.  Also, with the customers controlling their own web servers they can more easily configure the site and add images and other assets to the site without having to worry about limits assigned by a third-party hosting company.

There is still the issue of backup and other machine administration, but there are a variety of options available to ease that burden.  And with the ease of setting up virtual machines, you could spin up any number of web server instances very easily under your own command.

Let me know if I can answer any other specifics.

-K

[Dick Thiot]

All,

I am curious if you host your website internally what you do about your credit card transactions and PCI compliance.  

Kevin, if you host internally and have both the web server and database server "on the same side of the firewall" what do you perceive as security risks to the database server?  Is there some sort of firewall between the web server and the database server even if they are on the same side of the firewall?

I think that a major consideration is your credit card gateway and how your transaction payments are processed.  Also, will you purchase 3rd party eCommerce software?

Dick

[JJCSR]

Thanks to all replys:

 

Our site has been actively selling merchandise for nearly 6 years, and credit-card processing is handled through a 3rd-party.    PCI compliance is also in place.

My reason for this thread is to get some idea as to whether or not it would be advantageous to our company to consider bringing the hosting portion of the website in-house.   Our annual orders total about 18,000, heavier in numbers at Christmas than the rest of the year.   As with any other business, we hope to grow those numbers.

  

There have been numerous times when exceptional "degradation" of response time has caused consternation amongst our customers.   We can never be clear as to why the slowdowns occur, as we have no idea as to what activity is taking place at the hosting site.   How many customers are sharing the resources at the host-site?   What type of system activity is taking place to interfere with clients’ business?

 

At this time, I’m just trying to gather some information from other companies that do shopping-cart business on the web, specifically, how they handle the hosting of their sight.    Certainly, the amount of on-line transactions will be a consideration in differences between in-house hosting, vs. 3^rd-part hosting.

 

Thanks for all the input.

 

Jim Cronin

Kittery Trading Post

[Charlie Noah]

Jim,

Just a thought - does your hosting company offer dedicated servers? If so, that might eliminate a lot of the bottleneck without taking on the burden of in-house hosting. It would cost more, of course.

Charlie

--

[JJCSR]

Charlie:

 

Thanks for the reply and suggestion:

 

I am not convinced that simply having a dedicated server would be the solution.   I don't know what the impact is of "shared bandwidth", which may well be the major issue with the degradation of response.    It could be that I, along with "x" number of other clients, are sharing the same pipeline.

 

Again, thanks for your input. 

 

Have a great day,

 

Jim

On Thursday, July 12, 2012 10:51:24 AM UTC-4, JJCSR wrote:

[Kevin King]

Hello Dick, you bring up a good point.  The credit card transactions have to be handled by a PCI compliant service, of which there are several.  We don't want to be in the credit card handling business, but we can safely hand off information to services that handle all those details.

As to security risks, the security risks on the database server are the same as we've always had; any open port to the outside world offers an insertion point for all sorts of fugly.  Yet, Multivalue sites have been opening up telnet to anyone as long as they're on the back side of the firewall.  We open up one port on that side of the firewall, but we only accept input from one source - the web server - and then the webserver communicates with the database server only through a predefined series of API calls. So both sides of the conversation are tightly controlled, offering much better security than telnet.

So I guess you could say there is something of a firewall between the web server and database server; it's our connector.

-K