Google has launched a beta version of a free hosting service, Google Page Creator. The service, which is currently limited to existing users of Google's Gmail, allows users to build a web page using a web-based interface. Each site has its own subdomain, with a web address using the structure of http://gmailname.googlepages.com, and users can choose among up to 40 page designs.
The introduction of Google Page Creator follows the recent launch of free hosting products by Microsoft and Go Daddy. Google is already a major player in the free hosting sector with Blogger, while Yahoo has several free hosting products, including its GeoCities brand. While several of these services are designed to generate revenue from advertising, Google's Page Creator beta doesn't include advertising on either its public pages or administrative interface.
Free web hosting is hot again. Rejuvenated by the growth in online ad spending, free web sites bearing advertising are emerging as the latest battleground between the Internet economy's largest players.
On Wednesday Microsoft launched the beta version of Office Live, its free web hosting service for small business owners who agree to view ads as they maintain their sites. Ad-supported web services are a key ingredient in Microsoft's family of "Live" web services, while Google and Yahoo report strong growth in their existing free hosting programs. That trio is being joined by the domain registrar Go Daddy, which is now offering free ad-supported hosting accounts and blogs with every domain name it sells.
The free hosting ramp-ups by Microsoft and Go Daddy are a response to surging revenue from contextual ads on web sites. In its most recent quarter, Google reported $1.1 billion in advertising revenue from its own sites, and another $799 million from third-party sites using its AdSense program. The rapid growth of domain parking services has also illustrated the earning potential of large portfolios of web pages bearing contextual ads.
Payment gateway StormPay is recovering from a distributed denial of service attack (DDoS) that has kept its web site offline for much of the past two days. The company, which provides online payment processing for thousands of e-commerce web sites, came back online Friday after a sustained attack that commenced last weekend. The DDoS on StormPay is the latest in a series of attacks on services that allow web merchants to accept credit cards.
The attacks flooded StormPay with up to 6 gigabits a second of data, according to Barrett Lyon, chief technology officer of Prolexic Technologies, which specializes in DDoS defense and is working with StormPay to mitigate the attack. Lyon said the DDoS involved DNS amplification, using bogus DNS requests to cause Internet nameservers to inundate StormPay's web site with traffic. The impact can be seen on the performance chart for StormPay.com:
A dynamically updating performance chart is available for stormpay.com. Netcraft offers a web site performance monitoring service that provides similar charts, along with e-mail alerts when an outage occurs.
After a year of explosive growth, Go Daddy has surpassed 1&1 Internet as the world's largest web host - at least for the moment. With a net gain of 255K hostnames this month, Go Daddy's web infrastructure now houses 5,544,296 hostnames, about 95K more than 1&1, according to our Hosting Provider Switching Analysis. 1&1, which is based in Germany, has had the largest number of hostnames each month since the inception of the hosting survey in early 2003.
The milestone comes as Go Daddy prepares to advertise in Sunday's Super Bowl XL broadcast, which is expected to be seen by a global television audience of more than 90 million. Go Daddy, which will pay $2.5 million for each of two 30-second ads, had 13 of its edgy ad submissions rejected by ABC censors before gaining an approval on Thursday.
Why is Go Daddy so keen on advertising in the Super Bowl again this year? Did the company's controversial 2005 ad really help sell domains and hosting services? The numbers speak for themselves: Go Daddy has experienced powerful growth over the past year, adding 2.5 million hostnames since January 2005. Many of those hostnames represent sales of domain names, products that generate revenue once a year (upon the initial sale and each annual renewal). But domains are an important gateway to the sale of additional services such as web hosting and SSL certificates.
In the February 2006 survey we received responses from
76,184,000 sites, an increase of 933K from January's total. This month's survey finds different trends emerging in hostnames and active sites. Apache continues its strong growth with an increase of 1.3 million hostnames for the month, adding nearly a full point to its commanding market share lead. The active sites data shows a very different result, with Windows servers gaining 185K active sites, while Apache adds just 14K.
The split reflects increased volatility in the Web Server Survey in recent months following a lengthy period of market share stability. Factors include continuing site shifts at registrars and large domain "parking" operations. In recent months both Apache and Microsoft have seen sudden dips in hostname market share as huge blocks of bulk-registered domains expired at Zipa (December) and enom (November). This month there was a drop of 269K sites on Apache at Dotster as a clock of bulk-registered domains expired, which was offset by a surge in new domain registrations, which included 1.4 million new sites on Apache.
Meanwhile, Microsoft has made gains in hosting in Germany and Japan, two markets which traditionally have been dominated by Linux. Windows servers have gained substantial numbers of active sites at German host Intergenia and Excite Japan.
Total Sites Across All Domains August 1995 - February 2006
|Developer||January 2006||Percent||February 2006||Percent||Change|
Security holes in PHP-based content management and forum apps are an increasingly active front in Internet security, as hackers target unpatched weaknesses. The latest example is Monday's hack of chip maker AMD's customer support forums, in which an older version of Invision Power Board was compromised and used to distribute malware using the Windows Metafile (WMF) exploit.
While Windows flaws like the WMF vulnerability are useful to hackers assembling armies of compromised desktop computers, security holes in PHP applications provide access to more powerful servers hooked directly to high-speed network connections.
Internet criminals have targeted unpatched vulnerabilities in open source CMS apps including phpBB, PostNuke, Mambo, Drupal and others, hoping to build botnets for use in phishing scams and distributed denial of service (DDoS) attacks. Compromised web forums hosted more than 600 phishing spoof sites identified by the Netcraft Toolbar Community in 2005 (as noted in our Year in Phishing roundup).
The DDoS capabilities of server-based zombies was demonstrated in a December attack by a large botnet of Linux machines, in which attackers flooded their target with more than 6 gigabytes of data per second. Hosting providers with multiple IP addresses being used in the botnet included Level 3, Savvis, AT&T WorldNet, 1&1 Internet, Interland and The Planet. The network used in the December attack was assembled by exploiting known security holes, including a vulnerability in the Limbo CMS that had been patched at least six weeks earlier.