eCommerce Made Easy

Demystifying Web Hosting and Security: What you need to know as an Online Business Owner

May 14, 2024 Carrie Saunders Episode 54
Demystifying Web Hosting and Security: What you need to know as an Online Business Owner
eCommerce Made Easy
More Info
eCommerce Made Easy
Demystifying Web Hosting and Security: What you need to know as an Online Business Owner
May 14, 2024 Episode 54
Carrie Saunders

Send us a Text Message.

Do you ever wonder what’s going on behind your website? Today, we are joined by my husband and tech expert Brandon Saunders to answer some common questions our clients have had concerning the inner workings of eCommerce websites.

 From defining where your site lives to understanding what your online shop is built on top of, we simplify the tech and explore how understanding the back-end of your website can save you money and keep your site better secured. 


Rate, Review, & Follow on Apple Podcasts

If you're loving my eCommerce Made Easy Podcast, I'd be thrilled if you could rate and review the show on Apple Podcasts. Your ratings and reviews help me reach more listeners and empower more people like you to thrive in the online business world.

Just click here to head over to Apple Podcasts, scroll down, give us a five-star rating, and share what you enjoyed most about the episode in the "Write a Review" section.

If you havent hit that follow button yet, now’s the perfect time! I have new episodes coming your way every week that you won't want to miss. Hit the follow button and stay up to date with the eCommerce Made Easy Podcast! Follow Now!



Join entrepreneurs and online business owners just like you in my Free Facebook Group “Website & Tech Tips for Online Business Owners”
 
 Where we help break down the tech and hurdles Online Business Owners encounter!
 
Simply to go ecommercemadeeasypodcast.com/facebook/ and answer the membership questions so we know you are a real, warm-hearted, online business owner.

Support the Show.

Be sure to subscribe to our podcast where ever you are listening!

You can find our show notes at:
https://www.ecommercemadeeasypodcast.com

Find more of our resources and newsletter subscription here:
https://linktr.ee/bcsengineering

eCommerce Made Easy +
Become a supporter of the show!
Starting at $3/month
Support
Show Notes Transcript Chapter Markers

Send us a Text Message.

Do you ever wonder what’s going on behind your website? Today, we are joined by my husband and tech expert Brandon Saunders to answer some common questions our clients have had concerning the inner workings of eCommerce websites.

 From defining where your site lives to understanding what your online shop is built on top of, we simplify the tech and explore how understanding the back-end of your website can save you money and keep your site better secured. 


Rate, Review, & Follow on Apple Podcasts

If you're loving my eCommerce Made Easy Podcast, I'd be thrilled if you could rate and review the show on Apple Podcasts. Your ratings and reviews help me reach more listeners and empower more people like you to thrive in the online business world.

Just click here to head over to Apple Podcasts, scroll down, give us a five-star rating, and share what you enjoyed most about the episode in the "Write a Review" section.

If you havent hit that follow button yet, now’s the perfect time! I have new episodes coming your way every week that you won't want to miss. Hit the follow button and stay up to date with the eCommerce Made Easy Podcast! Follow Now!



Join entrepreneurs and online business owners just like you in my Free Facebook Group “Website & Tech Tips for Online Business Owners”
 
 Where we help break down the tech and hurdles Online Business Owners encounter!
 
Simply to go ecommercemadeeasypodcast.com/facebook/ and answer the membership questions so we know you are a real, warm-hearted, online business owner.

Support the Show.

Be sure to subscribe to our podcast where ever you are listening!

You can find our show notes at:
https://www.ecommercemadeeasypodcast.com

Find more of our resources and newsletter subscription here:
https://linktr.ee/bcsengineering

Carrie Saunders:

I think it's important as a business owner to understand what exactly are you buying when you get a website and get website services. So today we're talking a little bit more technical, but we're going to try to keep it very high level. For you is in what is actually behind your website, what makes it run, what makes it tick and why is this really important to you. We're going to discuss the technology behind it at a high level as well as how does this help you either save money, so that you understand what you're buying, or keep you more secure and safe on the Internet so your website doesn't get hacked. So be sure to tune in to the rest of this episode and listen to the end as we give you tips and we bring a special guest, the B in BCS Engineering, on the podcast, brandon my husband.

Carrie Saunders:

Welcome to the e-commerce made easy podcast. I'm your host, k Saunders. When we started this business, all I had was a couch, a laptop and a nine-month-old. My main goal To help others. Now, with over 20 years in the e-commerce building industry and even more than that in web development, I have seen a lot. I love breaking down the hard tech into easily understandable bits to help others be successful in their online business. Whether you're a seasoned e-commerce veteran or just starting out, you've come to the right place, so sit back, relax and let's dive into the world of e-commerce together. Welcome back to this week's episode of the e-commerce made easy podcast. Today, we have a special guest with us. It's actually the B in BCS engineering. It is Brandon Saunders. He's actually my husband. We're actually high school sweethearts from way back when I won't say how long or we don't date ourselves and he currently works at the university Ohio University, teaching in the ITS department, and I'm going to let him explain a little bit more about him and his expertise.

Brandon Saunders:

Okay, you're going to hand that over to me awfully quickly, okay. So yeah, actually I think there should be a really cool opportunity for a flashback moment here back to episode one, when you actually introduced me, is that right?

Carrie Saunders:

Yeah, I think so, yep, or at least it's in the trailer, I think.

Brandon Saunders:

Okay, well, it's nice to meet everybody. I guess, at least virtually. Yeah, I teach. I guess at least virtually. Yeah, I teach at the University, ohio University, dancing around that in information and telecommunication systems, and I've done that for seven years. No, five years now, that's seven years.

Brandon Saunders:

Two years I was just kind of part-time at it, and many years ago Carrie and I graduated from Ohio University in computer engineering and we both decided to stay around for graduate school and then I ended up getting a job as a network engineer with the university and in doing that a lot of the work I did was in server environments, particularly as they interacted with computer systems.

Brandon Saunders:

So for as much as Kerry does software, I do a lot of hardware and networking. So I really like that stuff and, much like Kerry, I enjoy that process of simplifying it down and trying to explain it to somebody who doesn't have the kind of the same history or depth of experience, and that's kind of what got me into teaching. The reality is is many years ago we thought the roles would be reversed the other way, that Carrie would be teaching, I'd be the one running a business. But it's much better that she's over there and I'm over here. But anyway. So I teach a lot of IT-oriented classes, everything from our introduction telecommunications class, where we talk a lot about data and the way we manage data, all the way up through an advanced networking class that talks about deploying the internet on an enterprise or an internet service provider scale. So kind of run the entire gambit.

Carrie Saunders:

Well, it's good to have you finally on the podcast. We've been talking about this for a while now and haven't coordinated it yet.

Brandon Saunders:

A year later and I finally make it on the podcast.

Carrie Saunders:

So today's purpose for everybody listening is we want to explain to you, from a less technical way but with a little bit of technical so you can kind of understand it, what is really behind your server and how it works and why, as a business owner, we should understand this, even if we're not techie people ourselves, because we want to make sure that you understand what you're purchasing, want to make sure it's appropriate for you, and we want you to have some of the knowledge and skill sets to be able to determine that. So that's kind of the point of today. It's going to be a little bit more techie than sometimes we do on here, but we're going to try to keep it simple and easy for you to understand and help you make some better business decisions, especially as you grow and move forward in your business. That sound good, brandon.

Brandon Saunders:

It works for me. I mean, I assume if people have questions or something, they can post them on Facebook. Yeah, they can totally post them on.

Carrie Saunders:

Facebook, yep or email podcast at bcsengineeringcom. If you get confused, you can always email that if you have more questions on it, or find us in our free Facebook group. All right, so let's get started. The first question so where does my website live? I know a lot of people get confused about this when I'm talking to them and they don't quite understand what a server is and where it lives and what does that really mean. So what's your take on that, brandon?

Brandon Saunders:

All right. So your, your website is just a bundle of data, a bunch of files laying around someplace. The short answer to the question is it lives on a computer someplace. It's kind of a no-duh answer. The longer answer, though, is it really depends.

Brandon Saunders:

It depends on who you're buying your website from, or who your web service provider is, or who your web service provider is, and even that has a lot of spectrum to it that you've got to kind of piece apart and look at to truly understand what you're buying. On the simple side, you're buying your website as a service, and this is kind of the simplest form usually for smaller sites wouldn't have to be, and I kind of call out WordPresscom as kind of a really good example, and when we buy that sort of service, we often refer to this in the industry as software as a service or SaaS. So you're not buying a server, installing software on it, installing a website on it. You're just going out and you're buying kind of a website and you're letting somebody in the back end take care of all the technical details, and that's a really good business model, and I think I've heard you talk about those things before. By the way, I've always kind of dreamed of jumping in on your podcast. When I'm listening to them, it's kind of funny. That's funny I'm going to take some tight tracks every now and then. You'll have to live with that.

Brandon Saunders:

For a lot of our customers that we've dealt with over the years, they need more customization. So one of the problems with the software as a service model is you're kind of limited in the kinds of changes that you can make to your website and often, if you're really at least from our experience when you can do that, when you do have an opportunity for a lot of customization in your site, then you are going to pay a lot of money for it. So the other end of the spectrum, particularly for these customers who have a large volume or have their own software, you might buy that computer yourself and actually the computer where your website is. That's something you're going to learn. And then this is a term that will kind of loosely use a server. The notion of client server is a little bit weird in some ways, but we're going to just call it our server in this case.

Carrie Saunders:

So Makes sense. So when we're talking about a server, is that really different than the cloud? I know I get a lot of customers that get confused about what the cloud is and it sounds cool and special and all these fun things, but what is really the cloud?

Brandon Saunders:

Well, at the end of the day, cloud server, these things are kind of today's synonymous, anonymous. The details that differentiate those things is kind of the core of a 15-week-long university class that I teach, so we'll try to simplify it here. So, in its simplest form and again, a lot of these things exist on kind of a spectrum. The computer where your site lives when you're not buying SaaS, you're buying your own system is a physical machine, much like your laptop, your PC, and in modern computer systems they have a very similar architecture to them too. There's very little differentiation between a server computer and a computer that you would use at home or at work. The biggest difference in them at least that matters here is that usually these machines are going to live in a nice facility someplace, a data center, and some of the important values of the data center is that it's going to keep this machine nice and cool, it's going to keep power to it all the time and going to keep a really reliable internet connection. These are the big football-sized rooms, football field-sized rooms where we're keeping just rows and rows of stacks of servers and you can go search the internet for lots of fun pictures of server rooms. They're probably all right for somebody in this world. Lots of pretty patterns, if you ask me. So the biggest difference between, or the biggest at least visible difference, is that those computers generally don't have a monitor, a keyboard and a mouse plugged into them. They're designed to be running all the time.

Brandon Saunders:

The reality is that very few organizations actually have enough demand on their computer systems to actually warrant owning their own hardware, and generally this is reserved for very, very large companies. You think about the Fortune 500 or companies that just have a lot of need for really intense computational demands, big applications someplace. So that's not very many of the customers we've seen over time. So what we don't want from an industry perspective is that a bunch of those machines are sitting around doing nothing. We want to keep those machines as consumed as far as their critical resources, as much as we possibly can.

Brandon Saunders:

So we add a layer on top of those physical machines and we create virtual machines on top of them, basically little mini computers that live inside of another computer, for the lack of a better term. But it lets us do a lot of sharing of these very expensive physical machines, of these very expensive physical machines. So at its extent, this is where we start to create a cloud. So you've got physical machines, you've got a layer of virtualization and then you've got some level of cloud kind of software as a service functionality that sits on top of that. Again, the details are really important here.

Carrie Saunders:

Details that really important here and, yeah, again something that we talk about in pretty extensively in the classes I teach well I think, I think the point of it, though, is to help bring the cost down of utilizing the server, so if you're utilizing the server's resources, and so that's why cloud computing can be a lot more affordable.

Brandon Saunders:

Yeah, yeah, so easily. If you wanted to run your own physical piece of hardware in a nice data center one. They won't sell you just a single computer, they're going to sell you a whole racks of computers in a space. You're talking about Probably tens of thousands of dollars of monthly cost just to run the space, and the machines themselves are easily $10,000, $15,000 a machine. And very few sites need that much, or at least the sites we work on need that much computational capacity. So adding on a company that will sell you a fraction of the virtual machine or sell it to you as a cloud function, that's really you're getting largely the same thing. It's just how we implement them under the cover set's different.

Carrie Saunders:

Well, I think that takes us to our next question, which I know the answer to which is what is a LAMP, what is a LAMP server, and what does LAMP really mean? But I feel like it's kind of important because a lot of people don't realize, especially business owners, like what's really okay, we've got the server. Well then, what's on top of that and how, why should I care? So what's on top of the server, and an acronym is LAMP, and I'm sure you'll explain that to us.

Brandon Saunders:

Sure, lamp's not a unique acronym. There's a couple of other ones that it's kind of got brothers and sisters, but LAMP stands for Linux, apache, mysql and PHP. So, again, a lot of the sites that we run or consult for the application that you're using. I'll let you decide whether we talk about the specific applications or not, but they're usually written in a language called PHP and some other kind of associated languages. But that is kind of the first step along the way. But regardless of how you're buying your physical hardware, whether you have your own server or you're buying it from a cloud or some level of service provider, you're going to layer pieces on top of that to get up to your application and we'll go ahead and dive into. The first one is Linux, and we'll go ahead and dive into.

Brandon Saunders:

The first one is Linux, and a lot of people, at least at home, are running on PC or Mac, so you're used to dealing with either Microsoft's Windows operating system or the Mac operating system. Every computer out there has to have some operating system associated with it, at least if it's going to be a valuable or interesting computer. Um, there is exceptions, but the two of us are thinking way too hard about that at the moment. Um and um see, uh, linux is a kind of a different um operating system. Um, in that it's free and open source. Um, have you talked too much about open source on the podcast?

Carrie Saunders:

I have some, yeah, where you can actually edit the code. Wordpress is a big example of open source and we work with a lot of shopping carts like Magento and XCart and OpenCart that are all open source too, which means you can edit the code. It's really all it means is you can, as a developer, you can edit, modify the code.

Brandon Saunders:

For my definition. I kind of expand that a little bit. So basically all software out there can be divided across two different dimensions whether it's paid or free and whether it's open source or closed source. So real quickly there a couple of examples. So like back to the Microsoft Windows and Mac OS. You paid for them and once you download them and install them on your computer you can't edit them. You can't even see the code generally that goes on inside of them. So that's a paid, closed source operating system. You were talking about XCart and Magento. Those are all paid services but they're open source. So that's kind of the other side of the coin and that's nice.

Brandon Saunders:

Let's just kind of modify things to a limited extent and it's. Everybody's got to have a business model. Free and closed source is a little bit weird. The example that comes to my mind are games. So they'll give you a free level or something and then you get to the end of that level. Oh, that's a great game. I'm going to go ahead and buy that. It's free, or at least the first teaser is, but it's kind of open source or closed source. In that way it for nothing, and you can, with enough skill, go in and edit that piece of code, and Linux itself doesn't usually stand alone. Usually there's a couple of other terms that get floated around in here for the distribution you're running. You might be running a Buntoo distribution or a Red Hat distribution.

Carrie Saunders:

There's a bunch of distribution names.

Brandon Saunders:

They're all used the same kind of basis under the covers and we're going to lump them together into being kind of Linux, so yeah, so that's the first part.

Carrie Saunders:

Well, and I think kind of the point of understanding that there's Linux very likely most, almost all the times on servers is because it's a lightweight compared to something like a graphical user interface like Windows or Mac OS or something where you're using a monitor. So that's one of the reasons that Linux exists is it's very lean. You can interact with it with a monitor, but you don't have to interact with it with a monitor. So it's got a lot of fanciness pulled away so that it can do its job, which is compute things for you, for the web and for other server reasons yeah, and I won't geek out, but I really love my linux history.

Brandon Saunders:

So, um, yeah, the it's an operating system that's extended way back to the kind of the early uh, or has history way back to the very first early computers um, even predates a lot of the. Its history predates the internet as well. So at the end of the day, it really doesn't matter which distribution you're on. They're all going to be kind of that Linux thing and it's again. It's very popular for servers. It's actually Microsoft actually runs a big cloud service system and even in their own system it's the popular operating system to use, not the Windows ones. And you're right, it's about computation, the key part to every operating system. Operating systems are really there to keep applications away from each other and provide little containments inside of various applications, and the A, m and P are all applications in this case that we're going to keep separate from each other. So Apache, mysql and PHP from an operating system perspective, we can look at them much like you might have Microsoft Word and a web browser on your computer. Now, a lot of things all go in web browsers today. Maybe you have multiple kinds of web browsers Firefox or Chrome. Each one of these are different applications on your PC and their interactions with each other are really controlled by the operating system controlled by Windows or controlled by Mac OS. Well, in this case, linux controls and isolates MySQL, apache and PHP away from each other, but the other three parts are kind of there as layers to build the application. So the Apache in this case is the interface that the user first connects to. So whenever you type in your URL into your web browser, a bunch of magic which we need to talk about on a different podcast occurs and your web browser makes a connection to your Linux server someplace. Well, when it makes that connection, it makes it to the web server in this case. That way we can get web content coming back to us. Now Apache is responsible for some really kind of the dumb content. So let's take an image file, for example, as a classic example. That's a single file someplace and the Apache software can go, get that image off of a hard drive and send it across the internet to your browser and your browser can bring up that image and shows that image to you. It hopefully fits inside of some larger HTML and pretty websites and all the great things that Keri does from there, but that's kind of a dumb system. There's very little. There's some interactivity to it, but we're talking about really, really old web pages, sort of level of activity Click on this link and you can see the next page along the way, and that's not really exciting for modern web applications.

Brandon Saunders:

So we need some level of dynamic content, some ability to create systems like the shopping carts we work on. So if you click to add cart, it's got to have some interactions with the server so that the server knows you click to add to cart. You click to add to cart or as you're checking out and processing credit cards or processing orders in the back end and all the great e-commerce things that Kerry's talked about for the last year. All of that requires code to make that stuff work and that's really where PHP kind of comes into the system. So the web server Apache in this case every time it gets a request for dynamic content, it patches I'm hitting my desk, I shouldn't do that it passes that request over to PHP. Php has been given a bunch of smarts via people like Kerry and it spits back dynamic content. Hi, brandon Saunders, glad to see you Come back to my web page today or any one of these sorts of things. So the PHP portion, our application portion, gives us all those dynamic pieces.

Brandon Saunders:

Now the last bit is MySQL in this case, and MySQL has got a couple of different names to it. Mariadb is a popular one these days. Again, some of the details don't matter here. At the end of the day, mysql represents a database. Where are we going to store long-term information? Which products do I have? What categories are they going to go into? How many of them do I have Customer information? Are they going to go into? How many of them do I have Customer information? All that stuff has to be stored in a way that is easy to create relationships between the pieces of data, and we'll often refer to these things as relational databases, and MySQL is just kind of a really popular one.

Brandon Saunders:

So we've got our operating system. We've got a web server that's going to pass data back to our user. We've got an application PHP in this case and we've got a data store. And this LAMP is one particular configuration, that there's a WAMP and, I don't know, there's an Nginx version. There's like four or five different variations to this term. I'll see if I can find a good list for you, but it depends upon the application you're wanting to support. There will be some shopping carts that need Java in this case and Java would be a different application and just something we'd replace PHP with. But it is something that whomever's developing software for you or whoever you're buying stuff from kind of determines the stack of applications that you need. I rattled on really long, sorry.

Carrie Saunders:

No, I think that's fine. The thing that we need to understand as business owners too is okay. So he just described there's, you know, four different layers at minimum to serve your website to you, and I know I've talked in the past on the podcast that we need to make sure that either your website host your leasing or buying the software as a service or your hosting is updating that all those stacks. They need to be updated for security reasons. So if you are, you know most of you listening are not of the technical level or even want you know you're running your business to be able to handle these updates. You need to make sure that your host is doing. This is a very important question for your host and your hosting provider, and if they don't update it, you need to find somebody who can update these things for you, because it can create quite the security vulnerability. Php, for example, has been updating itself like crazy the past four or five years, whereas the previous 15-ish years the updates to PHP were not significant at each round, and so us, as software developers, have been having to keep up with the updates to PHP, which is what we're finding as service providers to help you business owners out there. I'm finding a lot of websites running on older versions of PHP, older versions of MySQL or MariaDB, whichever flavor that you have. You need to make sure that those are being updated because they can potentially create security holes in your website, which can then allow hackers to either, if you have an e-commerce system, you know gets your customer information, or if you have a blog, like on a WordPress blog of some sort, they can get the information and data from your blog and or maybe be able to put things up on your website as them inadvertently and kind of great you know, kind of tear down your website from that. So If you are not sure, if your website server host you know updates these things for you, ask them, and if they don't give you a satisfactory answer and you're not sure, drop us an email podcast at bcsengineeringcom and we'll be happy to help you figure this out for you.

Carrie Saunders:

One of the things that I've always liked to do in over the past 20 years of doing this business is making sure our customers are informed enough that they are secure as secure as possible that nothing's ever 100% foolproof.

Carrie Saunders:

But if you're keeping your underlying applications like Linux, apache, php, mysql, as well as the application that sits on top of that, whether it's WordPress, madento, xcart, et cetera, making sure those all stay up to date with security patches, then you're going. I'm not seeing so far in 20 some years, anybody be hacked if they kept those systems up to date. It's usually if something got behind and a vulnerability came out and they weren't patched for it. That's when people got hacked and you lose a lot of money in your business, a lot of time and possibly your reputation, depending on how bad the hack is. So that's kind of one of the reasons we wanted to discuss all the layers here is you've got to really understand all the layers, at least from a high level perspective, and understand how many really are there. It's more complicated than a lot of people think and we even just touched the surface on really the technology here, but it's very important as business owners to be aware of it so you can make sure that you are secure in your systems.

Brandon Saunders:

And I think something I would add to that is even a well-maintained server has to be refreshed. All of these tools still age, even if they're being kept up to date. A particular Linux distribution and a particular install may only be good for three to four years, so website owners need to view maintaining their website as a long-term investment. It's not like you're buying a car that you're going to keep and it's going to be great for 20 years. It's more like a lease where you got to come back and renew that piece of that server, and that takes time. We've got a lot of it takes time to make those jumps from one system to the next, and it's something that we really would encourage our customers and I encourage my students to think about. You know what is the life cycle of your product or of your site, and how fast are you, how often are you able to do major updates?

Carrie Saunders:

Well, I think the car analogy is actually a really good one, because you know you need to give your car regular oil changes. It needs new tires every so many years, right, and you need to put new brakes on it every so many years. You need to refresh what you're using. It's the same as software on the internet. A lot of people think it's a set it and forget it because they're used to their computer. They bought word you know five years ago and then still use word 10 years later. Right, it might not be the most up to date word, but you can still use it. But with the internet and with things being available to the world to potentially attack it, we need to make sure that it's staying up to date. Kind of like a car we need to make sure that we have good brakes on it and good tires so that we're safe. You know it's. It's kind of very similar to that Cool, All right.

Carrie Saunders:

Well, I think that's it for this episode. I think we've. Hopefully we didn't blow your mind with too much technical stuff, but if you do have any questions, you can always find us on social media. You can find our show notes at the e-commerce made easy podcastcom, where we link to all of our socials there, or you can always drop us an email at podcast at bcsengineeringcom. We would love to hear from you. Let us know whether you thought of this episode as a bit more on the techie side, but hopefully it helped break everything down for you and, as always, make sure to review us on Apple Podcasts to help spread the word about us and help us reach other business owners to help them out, and we appreciate you joining us and we will see you next week.

Brandon Saunders:

Nice to meet everybody.

Understanding the Technology Behind Websites
Understanding the LAMP Stack
Importance of Website Security Updates