Just the other day I got a request for proposal for hosting, complete with a statement that they knew of some hosting that would cost $15/month. The implication being that they were looking for a hosting proposal that would not exceed that amount.

Right off the bat, there's a problem here. Just the cost of paying the salary of an employee to assemble a proposal would likely exceed half a year of the total revenue at this rate! Expecting somebody to spend the time to bid on such a service at that rate is... well, ludicrous. We would lose money to even bid on the job.

But it does illustrate one of the reasons why cheap hosting is expensive:

You have to do everything yourself.

A cheap hosting account is a self-service hosting account. You're not going to get any help using it, beyond a link to a help article perhaps. And at least here in the US, the cost of the labor to manage stuff on a cheap hosting account is far more than the actual cost of hosting.

That's fine if you're technically savvy, understand all the bits involved in setting up a web site, managing web sites, copying files, creating databases. But...

You don't get it your way.

Lots of web developers are accustomed to working around the constraints of cheap hosting. Tools like cPanel and Plesk provide shortcuts that are supposed to make it easy to manage these things. But when you reach a certain level of proficiency, these tools greatly get in the way.

With a bare server, you've got far more options in how you set everything up. You can install powerful scripts and tools to simplify management of the server, make backups automatic and redundant, roll back changes that go awry, quickly install updates, and much more.

Drupal is a bit of a memory hog, too. On cheap web hosts, you have no control over how much memory is available for the web site--and if it's too low, you get the famous Drupal White Screen Of Death. And there's not a whole lot you can do about it--you either have to turn a bunch of stuff off, or move to another host.

Upgrades are not included.

The current rage these days on cheap hosts is to offer one-click installs of popular packages like Drupal, Gallery, Word Press, etc. While that may be convenient, what they don't tell you is there's no similar one-click upgrade when you do this.

If you're running a content management system of any kind, you need to keep it up-to-date with security updates. These are actually quite complex systems, and they have bugs. Some of these bugs make it possible for hackers to break into your site and do what they want with it -- spread spam, steal information, vandalize your site. As these bugs that open up vulnerabilities get discovered, somebody needs to apply the updates that fix them. Your cheap web host certainly won't.

In all likelihood, the one-click installers probably install old versions that already need updating right when you turn them on. So a one-click install doesn't really save you time, and leaves you open to attack.

Somebody needs to stay on top of security updates as they become available. Without being able to run system management tools to make applying these updates quick and painless, it takes more of your web person's time to do. Oh yeah, remember, how that time is more expensive than the hosting? Suddenly cheap hosting gets a lot more expensive.

But the problems don't stop there.

You're putting your store in a bad neighborhood, without sufficient locks.

The entire Internet is actually a pretty bad neighborhood. But cheap hosts attract lots of people who are actually doing the attacking on the web--the hosting companies don't charge enough to keep an eye on who's doing what. So it's far more likely that you've got some script kiddie next door launching attacks on other sites, or looking at your data to see what's interesting.

Cheap hosting is cheap because they put hundreds or thousands of sites on the same server, charging each one a tiny amount that adds up to profit. The problem is, there's lots of ways that one site can see the contents of another. If you're doing e-commerce on your site, that's a particularly bad situation--somebody on another site could upload some malicious code and snoop on all your traffic.

Even if your web host is above average and actively banning these types of users and activities, the fact that nobody is making sure upgrades are in place means that even if you keep your site up to date, there's almost certainly other sites on the server that are not secure. This gives hackers a back door to installing software on the server, and collecting YOUR data.

I've seen lots of vandalized sites, and many of them had no vulnerabilities at all--their site got vandalized because it happened to be on the same server as a vulnerable site. You could do everything right and still be victim of collateral damage.

If your site one day comes up with some vulgar, offensive message, what will your customers think? Something like that could ruin your reputation, especially if you don't notice for a while.

And those are just the worst problems.

There are lots of other little ones that ultimately make cheap hosting more expensive:

  • They only support FTP for file transfers, which is inherently insecure, slow, cumbersome to manage, and much harder to synchronize with development sites
  • The IP address you get may be blacklisted for spam, so you'll have more trouble sending mail to your customers from the site
  • There's no way to tune the server as your traffic increases, and most hosts will simply cut your site off completely if it exceeds a certain threshold of traffic
  • Each web host has its own systems, its own different way of managing things, making it more difficult to switch mental gears when you're supporting clients at different hosts

And there are lots of smaller annoyances we have to put up with, when our clients choose a cheap host.

All of this makes cheap hosting much more expensive--because you're paying us for a lot more time to manage your site.

For example, applying a tested set of Drupal module updates on a site we host takes a grand total of about a minute. To do the same on a cheap host can take 30 minutes, if we're keeping a copy of your site on our development server, or 90 minutes if we're having to find and upload modules individually.

Why our "expensive" hosting will save you money

The bottom line is, the faster we can apply updates and manage your site, the less it's going to cost you.

If your site is disposable, and you're doing the work, cheap hosts are fine. They're fine for most personal use, where you don't really care if it gets vandalized and takes a day (or two weeks) to recover--especially when you don't have budget to do it right.

But if your business depends on your web site, the cost of having a problem very quickly outweighs the cost of our service.

Our base hosting for Drupal is $99/month. For an e-commerce site (with more security measures and a dedicated IP address) the charge is $149/month. For those prices, you get:

  • Managed Drupal hosting -- we provide security updates for critical vulnerabilities in the modules installed on your site
  • Extensive, long-term backups -- we save all the contents of your database each night, keep all backups for 7 days, and specific ones for up to 16 months. We have often restored content that was deleted weeks or months earlier--something that's proven extremely valuable to several of our clients.
  • Code stored in version control -- if something goes wrong with an update, we can roll it back to the previous state, giving us a chance to sort out the issues before trying to re-apply it.
  • Geographically redundant backups -- while our production servers are scattered across the country, in Lynnwood, WA, San Diego, and St. Louis, our backups are here in Seattle. If any one of our providers disappears, we can restore your site at a new provider within a day or two.
  • Restricted server access -- We don't run FTP. We don't allow our clients to log in directly to our production servers, and don't allow code to be uploaded to e-commerce servers. This greatly reduces the number of ways an attacker can break into your site, greatly reduces the chance of vandalism or information disclosure.
  • Competent technical help -- We run our own mail servers, have a couple decades of experience on our staff, and can get to the bottom of issues. If we can't solve the problem, we can at least provide the best workarounds.
  • Technical support -- We include up to 1 support incident per month without an extra charge with a regular hosting plan. We have affordable support contracts for clients who want or need more support.

Until you're getting a ton of traffic, disk and bandwidth is cheap. Because our goal is to make your business successful, we don't even charge for hosting when you're on a support contract--we provide it for free as part of the deal. It costs us far less to manage your site on our servers than to manage it on somebody else's. And I'm willing to throw in hosting to avoid the frustration of working on crappy web hosts where we have no control over the environment.

We will of course support your web site wherever you want it hosted. Just realize that it's going to cost you more--just doing basic maintenance if we can't install our tools is going to take hours instead of minutes. And you're paying for hosting on top of that!


For smaller 1 2 and 3 man operations s cheaper host is great especially if you'll do the design and maintance yourself However I would never bid on such a silly project either Good Call !!!!



I think that if you make sure the service is secure (able to do with inexpensive hosting) than you are 80% there. Using other decentralized services like cloud hosting, which is becoming more popular is also a nice alternative.


As the old saying goes not all cheap web hosting are freaking nightmare .

I have been use cheap web hosting since the early 90's.
nowaday with the power of video site you can almost teach yourself everything you need to know about web hosting

Add new comment

The content of this field is kept private and will not be shown publicly.

Filtered HTML

  • Web page addresses and email addresses turn into links automatically.
  • Allowed HTML tags: <a href hreflang> <em> <strong> <blockquote cite> <cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h1> <h2 id> <h3 id> <h4 id> <h5 id> <p> <br> <img src alt height width>
  • Lines and paragraphs break automatically.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.