Should I leave Hostgator over WP Engine?

[JerryLow]

I am not sure if I am posting at the right category but it would be great if I can get some unbiased opinions from the gator folks. Here's the thing -

I have been using Gator (baby plan) for years and I am one very very happy Hostgator customer. The thing is I recently found WP Engine (http://wpengine.com/) - a wordpress-based hosting company that covers some of the heavy tasks (or features) such as protection from DDOS attack, proxy server (for faster load speed), backups, scalability, as well as WP management (like updates and plugin supports).

Yes that's a lot more than what Hostgator is offering but I am well aware that these guys are charging a lot more - $49/mo (cheapest) compare with Baby Plan $7.95/mo but the protection and the convenience it offers is tempting.

So here're my questions:
1. Seriously, how safe we (wordpress blog in particular) are with Hostgator?
2. If I would like to improve security issue with my blog without spending too much time, how can Hostgator help?

Appreciate if folks here can share their view on this matter.

Cheers, Jerry

[kingtas]

They may promise the sun and the moon but I'd never pay $50 a month shared hosting when I can get a nice 1GB RAM VPS on a fast network for the same price. They all include DDOS.

[DigitalDon]

Amen, Kingtas!

Looks like someone has found a way to cash in on all of the folks out there who are just now discovering that WP is a fantastic Content Management System.

Where most people will get themselves into trouble by using WP in this fashion is when they start using some of the really shoddy (mostly fee, but some "premium") plugins that have all sorts of security holes and poorly-constructed code that make it pretty easy for hackers to find their way in and do their mischief.

(Example - Most of them leave "Admin" as the administrator username, which means hackers only have to figure out the password to gain carte blanche over the whole installation!)

Personally, I'd be surprised if that particular company is still in business a year from now - especially if they're giving uninitiated (newbie) WP users a false sense of security stemming from the belief that a hosting company will go out of their way to protect them from their own ignorance or lack of knowledge.

I know I wouldn't want to work in their Support Center, that's for sure! My hair is already white - I wouldn't want to end up tearing it out too!

[asmartbear]

This is Jason, co-founder of WP Engine.

We actively do not want to poach HostGator customers. I agree with you guys that using HostGator's inexpensive shared model is great for WordPress newbies and using HostGator's (about) $50/mo VPS servers is great for people who are willing and able to run their own servers.

I do take issue with your assertion that we're taking advantage of WordPress newbies. In fact almost none of our customers are new to WordPress. They all have blogs which have gone beyond either their technical capacity or desire to maintain, generally due to large amounts of traffic.

In that case, their options are (1) do the IT work they don't want to do, or (2) hire a part-time consultant to do that work, or (3) use us.

Of the three options, (3) isn't unreasonable, and it's not us "taking advantage" of anyone.

On the question of security, again I agree with you that if you install plugins with security holes, you have a security problem! And that in general security is never as simple as "sign up and you're secure."

However, you're incorrect that there's nothing we can do for security, or that we're misleading our customers about it. For example, we use IDS hardware in front of our boxes which (today) blocks 3500 attacks daily. Is that "enough?" No, but it's not nothing either.

Similarly you could argue that people could install and maintain mod_security. And that people should be aware of the latest WordPress security patches and apply them ASAP. I agree, but again that's another place where it's not unreasonable for a blogger to want someone else to do it for them.

I hope this clears up our position in the WordPress hosting market. Hostgator is awesome and I do not advocate moving off Hostgator unless you really feel like the service we offer -- speed, scale, security -- is particularly useful to you.

[GatorNate]

Jerry,

One thing we offer here at Hostgator that provides many of the features you are looking for is Cloudflare access. We partner with Cloudflare and have a plugin within the cPanel interface that allows you to install Cloudflare on your domain with a few clicks.

Cloudflare acts a caching CDN and proxy, it also blocks many attacks before they get to our server. Last week Cloudflare blocked almost a million attacks from our sites.

You can check out some more about them: http://www.cloudflare.com/

Nate

[cPAce]

I would have to agree with Nate and Kingtas. One, if you really truely need it, go for it and switch but notice the price difference. Hostgator is basically all managed hosting, there servers are all monitored and secure. If you take advantage of Cloudflare, that itself will do wonders for a large site on the loadtimes and security level of things. So take it as you will, but I myself have left HostGator before for something like this and ended up back here. The other provider put on a front and seemed all dandy and ended up to be a dud.

[IanWilcox]

I am liking the sound of Cloudflare even more and more everyday...

I need to try it on my websites later... Back to this post...

If your happy with hostgator why move ? I have been to other hosts and i keep coming back to Hostgator... i wont ever move again!

[leemary34]

I agree with what they said, you go with the host you are happy working. But before you make a move, better see if the price is reasonable. You have to look for better features that would give you better results.

[cloudflaredamon]

Quote:

Originally Posted by IanWilcox

I am liking the sound of Cloudflare even more and more everyday...

I need to try it on my websites later... Back to this post...

If your happy with hostgator why move ? I have been to other hosts and i keep coming back to Hostgator... i wont ever move again!

More than happy to answer any questions you have about CloudFlare. If you do come aboard, I would strongly recommend reading these CloudFlare tips and frequently used CloudFlare settings to minimize some areas of confusion.

Note: Some of the items mentioned in tips may not be a concern if you activate via HostGator without changing name servers (no need to whitelist IPs or install mod_cloudflare when going through cpanel integration) But some common questions are answered there & the articles on the blog point to some things about the company.

[eurgbp]

Quote:

Originally Posted by kingtas

They may promise the sun and the moon but I'd never pay $50 a month shared hosting when I can get a nice 1GB RAM VPS on a fast network for the same price. They all include DDOS.

well for fifty bucks you can get VPS but certainly not with DDOS, it is just a PR marketing move to attract suckers, but you can install NGINX or similar to protect yourself from mild DDOS.
Anti DDOS costs a LOT of money, not 50$

[marbas]

I should say, don't leave hostgator. It has a lot of advantages over WP Engine. Such as a comfty, and usage friendly and most people are using Hostgator. Benefits you and other