Dave Computer Geek

DCG Blog

All Your Eggs in One Basket? No Thanks!

When starting your own website, there are many questions you need to think about. One of these questions relates to having all your eggs in one basket, and why it would be best not to, especially from a business perspective.

By eggs, I mean your domain name registration (e.g. yourbusiness.com), hosting of records for the domain name system (DNS Records), email hosting (e.g. [email protected]), and web hosting (where your website is stored just like a house for it to live in).

Most web hosting providers and web designers and developers will offer to manage all this for you under one roof (or all in one basket). This can be good, however, it means you have a major point of failure right there that could be catastrophic for your business. Personal websites and smaller projects don’t need to worry about this too much, but I still recommend keeping it in mind regardless.

Let’s look at a worse case scenario.

You register and manage your domain with the one provider, this provider also manages your DNS, web hosting, and emails. Suddenly, and unexpectedly, that provider goes out of business or suffers a major DDoS or other severe attack. This renders the provider out of action, resulting in everything being unavailable, and you can’t do anything about it.

The domain will remain registered with the relevant registry for that domain, but the name servers (which define where your DNS records are stored) will point to an unresponsive or offline set of servers. No DNS means no website and no emails.

With both your website and emails unavailable, a major part of your business cannot function. If you are a totally online business or service, then everything fails. You’re dead.

I know this is a very severe example, but it is something that can, and most likely will happen to those that put all their eggs in one basket, making it a very poor decision to make for any project you consider important.

What’s the solution?

To put it simply, the solution is to put each egg in its own basket.

Domain Management with Dynadot

Register your domain with a provider who specialises in domains. I recommend Dynadot (www.dynadot.com), they are very knowledgeable and helpful, have a live chat for quick questions, and a support ticket system (similar to emails) where they can provide more technical or in-depth support. For those that like to do things themselves, this is precisely why I like using Dynadot, because they provide so much self control over my domains that I rarely need to get in touch with support.

DNS Records with Cloudflare

Host your DNS records with a provider that knows how to do DNS right. Cloudflare is my go-to for DNS hosting. For most people, their free plan will do. This allows you to use Cloudflare’s Anycast Network, which is a massive world-wide network of servers that stores all your DNS records, and delivers them to the requesting user from the server closest to them, making DNS resolution really fast. They also offer as part of their free plan, a proxy service, which hides the real origin of your hosting server, and can make websites load faster too, which is a win for user experience, all for free.

Email Hosting with ProtonMail

When doing business, its important to protect your client’s information however you can, and ProtonMail makes this very easy by taking care of a lot of that for you.

ProtonMail are an Encrypted Email Service Provider based in Switzerland. As you may already know, Switzerland has really strong privacy laws, among the strongest in the world. They also use an Encryption Standard known as Pretty Good Privacy (PGP). This is a form of Public Key Cryptography, where everything is Encrypted using your Public Key, and can only be Decrypted with your Private Key, and only you have access to that private key, making it practically impossible for your confidential emails to be read by anyone other than you.

They offer a free plan, however, if you wish to use your own domain, you will need to upgrade to a paid plan (correct at time of publication). Regardless of which plan you use, the level of protection you receive will remain the same. One last thing, when asked what strength of key you wish to generate, choose 4096-bit RSA (available at time of publication).

Website Hosting with Krystal

When it comes to choosing a website hosting provider (a home for your website), this will vary depending on your requirements. You will want to choose one that has a good reputation, and owns their own infrastructure and servers. If you are from the United Kingdom like I am, then I would personally recommend Krystal (www.krystal.co.uk).

Krystal themselves and their servers are based in London, UK, which has fantastic connections to the world’s internet, making your website accessible world-wide as fast as it can be for the particular networks involved for where your website users happen to be. They are also a 100% Green hosting provider, meaning they use renewable energy making a better environment for everyone, and they even contribute to growing trees in the Scottish Highlands.

All of Krystal’s servers and infrastructure is owned and managed by them. They have redundant DNS and Mail servers that are physically in a different facility to their hosting servers, although if you are using my recommendations above this won’t apply to you, and they offer off-site backups taken usually weekly but daily is an optional upgrade, and lastly they use the Industry-Leading cPanel for managing your hosting environment if you prefer doing things yourself.

For Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks, they have the capacity to withstand up to 1.5 Terabits per second (that’s 1,500 Gigabits per second). In fact, an attack was in progress as I was writing this, and I didn’t even notice a thing. The attack didn’t last long, they gave up due to not being able to take anything down.

Krystal are probably best suited to those based in the United Kingdom, but since they are based in London with fantastic connections to the world’s internet, I would still recommend them for those based overseas.

Final Thoughts

Separating everything out to multiple providers allows you to protect against one provider failing you for whatever reason, and also protects you against attacks targeted directly at you to take down your entire online service rendering you dead.

If they manage to take down your hosting server, your emails and all the rest of your domain’s functionality will still work. Thanks to Cloudflare’s massive network of servers spread out world-wide, your DNS is the least-likely to be affected, effectively meaning your services should remain available unless those services are targeted individually.

Hopefully this information was useful to you. Thank you for reading.

Share this page:

Posted by Dave on 15 June 2020 at 5:45 pm

This website is solely for the purposes of entertainment, and does not have the intent of copyright infringement. If you see your own content and wish it taken down, please get in touch.