Writing about security isn’t always easy, and today we unfortunately encountered a problem of an unusual sort – security.
HostGator’s security department shut down our site for about an hour or so today, after encountering “a resource issue”. It was found that they had no documentation as to the issue, and so they put us back on line right away, but still, it’s a little frustrating.
So what happened? We don’t know, they don’t know and now nothing has been done to make sure that it doesn’t happen again.
This illustrates a key issue in security – documentation. Without it, the aftermath of an incident will lead to nothing, too little information and the countermeasures arrived upon will be the wrong ones, or too little too late.
Having your documentation in order shouldn’t be the first bullet on your priorities list, but it shouldn’t be far down it either. Everything from access logs to guard reports should be regularly reviewed, and safeguarded for use when an issue arises.
In the case of HostGator, they are usually very good people to deal with, and they were just that today as well, but taking a site offline without documentation as to why is still disconcerting.
We’re currently waiting for a reply as to why they did what they did. It’s always a pleasure waiting for security departments, right? 😉