I have been hosting with my provider for years. I am happy with them, having left GoDaddy (which I was also happy with). But in each case I had a security- or privacy-related concern:

I left GoDaddy because of their support for SOPA/CISPA. And while I hated their very, very, very, very, very, very, very, very lengthy EULA I never disliked them.

Sidebar: I didn’t just hate that they had a long EULA. I hated the way that they would make me check the box saying that I had read and agreed to the terms before I could proceed with a purchase. No, wait, there’s more: If I read all of their agreements and policies that applied to me, At a normal reading speed, I would have been reading for at least 18 hours. (And I know it was 18 hours, because I concatenated all of that text into one document, and then had my Mac read it to me using one of the included system voices, which are actually quite good, and the resulting audio file was—you guessed it—in excess of 18 hours.) But the site would time out after something like 5 to 15 minutes of inactivity (resetting my shopping cart). So, there’s that. And I don’t mean that I would read it every time. I just mean that that is crazy. It obviously took me a while to read that.

Sidebar continued: And since I am not a lawyer, it’s not like I completely understand what they mean when they say that they DO NOT GUARANTEE MERCHANTABILITY, or that I must indemnify and hold harmless … [insert glassy-eyed stare here]. And if you are listening, GoDaddy, I am sure that your EULA would be more likely to be read and abided by if it were shorter and more understandable, or if you offered a parallel copy for the handful of customers that are not lawyers. Phew. That felt better. And obviously, that’s not just directed at GoDaddy, though they are the guiltiest organization that I have had contact with. The company that makes my phone—which is not an Android—may write similarly long and draconian EULAs, which by the way keep me from offering text-to-voice audio files that are generated by my computer’s OS to others freely, like, say, some old work in the public domain that I wanted to record and give away. But … whatever.

As a matter of fact, I loved—loved—their customer service. I used their phone support frequently early on (especially to make purchases, so I could avoid that stupid checkbox), and they always took great care of me. And their prices were good. And one thing that I really loved was the fact that every price decrease was felt by all the old customers first. They really took care of their existing customers. But, SOPA and CISPA. C’mon. … They have since changed their opinion on that. But it was too late.

I have seen my present provider improve a lot while I have been with them. Their interface is great. But their prices have increased a fair amount while I have been there (a little for hosting, more for domain names). But I have a serious problem. Google is about to release a version of the Chrome browser that will indicate that a site is not secure (particularly when you visit a page that requires credentials like username and password):

address bar

Google Chrome Canary (very early pre-release development version) now indicates that pages are not secure if they require authentication over a plain text connection.

And I imagine that they will eventually indicate that everywhere. And I have strong opinions about encrypting everything anyway.

So, since I would like to increase my security, but have not the funds sufficient to cover all of my domains, I am going to have to move to another provider (for instance, I wanted to move to Namecheap, but discovered that their certificate prices were too steep for me—I know: I’m cheap). So, I need to move to a provider that supports the EFF’s Let’s Encrypt (LE) system. I have found that provider in Dreamhost. There is already a lot to recommend them: namely their very high customer satisfaction ratings. And now I understand that they have enabled the addition of LE security certificates in their interface.

So, my next steps are:

  1. Buy hosting service and a new domain with Dreamhost and set up a site or two.
  2. Transfer a domain with a wordpress blog or two.
  3. Transfer this domain.
  4. Sounds like fun 😟.

Full disclosure: Dreamhost gave me … nothing for writing this blasted article. Nothing. Don’t get me wrong, if you want to give me something, I’m all ears.