In house website hosting

GalaxyTechService used Ask the Experts™
Hello Experts,

One of our clients wants to bring there website in house and host it themselves.  Currently they do not have a server but will be having us set one up for them.  i know this is a broad scope question.  What would the general necessity's for hosting your own in house website, firewall, server, software, etc?

Thank you,

Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
David FavorFractional CTO
Distinguished Expert 2018

This is fine for hobby sites, as site will be down for many reasons over time.

If your site must be online 100% of the time (multiple network connections, fuel powered backup generators, rack UPS), then use a provisioning company.

OVH has very cheap prices... far cheap than running in house multi drop connections + generators.
ok, the first question to be asked is, what sort of traffic is this site going to be handling?  
This will give you some avenue to persue as far as will your current internet connection sustain the traffic?
Firewall, that's something that you can ask 10 IT people and get 11 answwers.   My two cents worth, I'm partial the SonicWall firewalls, because they have good support, easy to configure, and I'm familiar with them.  Which one depends again, on the amount of traffic on the website, as well as how big your LAN is.  
Hosting a site is not all that big of a deal, and I would personally be looking at either Windows Server or Linux, but someone with more experience may disagree with this.  
answer the first two questions and we can drill down for more info, how much daily site traffic and how big is the current LAN?
might be good to determine if there is currently a server on the LAN, or if this server might serve more than one purpose?
J SpoorTME / Network Security Evangelist

From a Security aspect,
Web servers should always go into a segmented DMZ zone.
The firewall in front of the Webserver should have IPS (Intrusion Prevention Service) capabilities.
Ideally you should also introduce a Web Application Firewall (WAF).

IPS protects the Operating System
WAF protects the Web Server

For the webserver, you can either go the "easy" route and use MS IIS. But more ideal would be an Apache server. The latter will require Linux knowhow.
Developer & EE Moderator
Fellow 2018
Most Valuable Expert 2013
There is a good blog post about how Stack Overflow manages their site 

Otherwise, a cloud provider like Azure or AWS has this figured out pretty good and offer HIPAA compliance as well.  Or a good private company (I use Liquidweb).  Depending on what they are doing, it may be more cost effective to use one of these services and still use you for managing any issues that do come up.  I have had my share of issues at all hours and get most things fixed up quickly.  The worst thing so far was a drive that crashed and fortunately I had continuous off site back up as well as twice daily back up locally.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial