pavlovmb — 2012-08-11T13:37:30-04:00 — #1
Wow, it's been ages since I was here. Lots seems to have changed.
I'm going to register a new domain and put it on a separate hosting account from my current one. Some hosts offer various 'privacy' solutions. My question is, is that sufficient and how certain can I be that no one can find out who I am? Of course I realize there may not be a definitive answer here, but I'm just looking for your thoughts on it. It's not the end of the world if they find out who I am, but I'd prefer to stay under the radar.
In case you are wondering - I am not up to anything shady. Quite the contrary - I will post about people who do shady things, and I know from experience that they will go after me.
PS if you are very bored, don't read my old posts, I was probably a big know-it-all who in retrospect knew very little
sogo7 — 2012-08-11T18:15:02-04:00 — #2
Guess it really depends on who you plan to pick a fight with lol!
Your typical rogue builder or other dodgy trader is not really going to pose a threat to site security. Of course they will dedicate a lot of time to spamming your email directly or via the contact form and a forum if you have one, so 'super' cookies come in handy for tagging troublemakers who are not computer savvy.
The WHO IS details for a site are also legally supposed to up to date and correct, but of course running a site takes up a lot of time and sometimes webmasters forget to do things or fat fingers with a lapse of concentration can cause the odd typo error for a postal address. Though you should as a precaution rotate FTP passwords regularly, make sure the site is not vulnerable to SQL injection and if you have adverts then some real-time activity monitor to prevent click-bombing could not hurt.
ralphm — 2012-08-12T02:17:45-04:00 — #3
Some domain hosts—like GoDaddy—allow you to hide your personal details from WhoIs and show their instead. They charge a small fee for this, though. I'm not sure you can hide your name, though.
pavlovmb — 2012-08-12T17:16:27-04:00 — #4
Thanks for your suggestions.
I'm not picking a fight with the hacking community, but it is generally people who are savvy in the web area and have access to resources.
I guess I'll make use of the domain privacy options available on the market for starters. Fortunately the site will be very low-tech without a lot of features or any ads for that matter, so that should limit their options in terms of attacking the site somewhat, if I understand you correctly.
If anyone has additional tips, I'd love to hear them.
dklynn — 2012-08-12T18:01:16-04:00 — #5
Actually, hackers don't go after individuals, they go after computer systems (websites being the most obvious). Hiding your identity will not provide any defense at all if you use your website to upset a hacker. In fact, it may make it more of a "game" for them to get into your website (and/or host) to find some personal identification while they deface your site.
In other words, you're going about security all wrong. Obfuscation is no protection at all. Use a host which has good security (DDOS prevention and login blocking are two things that WHB has that has impressed me), VERY strong passwords to access your cPanel/WHM as well as FTP accounts and secure coding practices are the important things for you to concentrate on, not hiding your identity (a Court order to your host is all that's required to reveal all).
There are a lot of books out there which can teach you something about security so I'd advise you do that rather than waste your time "hiding" - it doesn't work.
Go look-up Certified Ethical Hacker (CEH) if you are interested in security or BackTrack if you're interested in the primary (set of) tools of use to both sysadmins and hackers. It's a scary world out there!
pavlovmb — 2012-08-13T14:31:35-04:00 — #6
Actually, they aren't hackers and the domain privacy is simply to prevent those who'll be generally annoyed with what I do from doing a whois and finding out who I am.
That said, It seems like a good suggestion to use a host with good security measures as some of the disgruntled parties may decide to go further, such as trying to take down the site. Would you have any specific recommendations for a host that would fit the bill?
dklynn — 2012-08-14T05:32:53-04:00 — #7
I just moved to WebHostingBuzz and have been "innundated" (not really, one is too many and that's what I seem to get per day) with e-mail notifying me that someone in Korea, China, India, Canada, etc. have been making very basic attempts at passwords on my WHM account ... and being permanently blocked for their effort! I was shocked at the first one but am thankful that WHB takes security seriously. Okay, that was with a dedi account but I'm sure that they protect all their servers the same way.
eastcoast — 2012-08-14T19:21:45-04:00 — #8
A couple of other tips with regards to improving anonymity - don't host multiple sites/domains on the same host as these can be detected and traced back if they don't also have domain privacy. Remember that it is possible to gain historical dns records, so if domain privacy hasn't been in place from the start this is another potential discovery point. Also, again if you develop multiple sites, beware structuring your sites using filenames and structures that would be fairly unique, as this can also be tracked to other less anonymous sites. Lastly, be aware of mentioning the domain or site specifics on forums and social media under any username that could be traceable. E.g if you used pavlovmb in association with your new domain, then anybody interested could find out exactly who and where you are.
pavlovmb — 2012-08-16T05:54:32-04:00 — #9
Great, all good suggestions here. I think I have what I need to move forward for now, thank you for the help.