Landing pages are all the rage. So, I decided that I needed one for my iOS game, Eye of the Fiend. Other than the marketing aspect, I thought it would be a good place to host a detailed FAQ and press kit. I spent some time tinkering with websites during game development, which turned out to be a good investment in terms of time. It allowed me to learn about the different options when it comes to hosting, and to focus on essentials like design and content.
Hosting
My exploration of hosting options was interesting. On the face of it, a managed site sounds good. There are lots of companies out there offering a broad range of packages, and all claim to make things easier for the end user. However, I decided not to go this route for the following reasons.
Firstly, I found the bespoke content management interfaces a bit confusing and complex to use. I also felt I was learning a workflow that restricted me to one approach, and I worried about not understanding the process fully. Another issue was that computing resources are often shared with other sites, and you have no control over who these sites are.
My decision to go static rather than use a database driven site also meant I moved over to a self-managing solution with Digital Ocean. You get your own first-class hardware allocation and an easy to understand interface to manage your virtual computer.
You do have to install and setup the web server though, which I did not mind doing as it was interesting and transferable knowledge. Digital Ocean publish some great tutorials on how to do this. I have been with them for around a year now, and am very happy with their service. To my knowledge, the site has never been down.
Static Sites
I was drawn to a static site primarily because the resource usage is much lower, which means that the cost of hosting would remain very small no matter what. Hosting costs for dynamic sites are quite expensive once you get traffic. I am only serving a basic landing page, so concluded that I did not need anything overly complicated.
The other benefit of a static site is that it is easier to understand for a layman like myself. Its just Linux and Apache. HTML documents are easy to write in Notepad++, and update through Filezilla. There are also some great resources out there now like W3.CSS and Bootstrap. These make it very easy to quickly write web layouts that are easily sufficient for a modern landing page that work on all screen sizes. You can visit my landing page to see what can be done with W3.CSS and simple html relatively quickly.
One of the drawbacks of going it alone though, was getting web encryption to work. Annoyingly, the self-certified SSL approach no longer functions like it should, so I ended up buying a certificate from Comodo. Technically, Let's Encrypt works perfectly, but occasionally a warning screen will appear when you link to a self encrypted domain. This is not good news for a landing page.
You do need encryption these days to be viewed as a credible website. Please read Ashey's blog for an intelligible explanation of this. Whereas managed hosting makes this easy, it is tedious and difficult to set up yourself.
Security
I also got into web security a little bit during my journey. It seems that brute force attacks are the most common form of cyber-attack. This means a bot repeatedly trying to guess your username and password. This can be avoided by disabling the use of passwords altogether, and only using key pairs which are virtually impossible to crack. Highly recommended, and I have no idea why they are not more commonly used.
The other thing to do is to change the SSH port of your webserver to a different port number. This prevents most bots from attempting to break in, as they tend to focus on port 22. I have read arguments against this in places like Stack Overflow, but I did notice a significant drop-off of bot attacks when I changed the port number. This has got to be a good thing.
A final word about security is if someone really wants to break in and access your files and has money, skills and time, they probably can. Unless you are someone very important, you probably have no need to worry if you take some basic precautions. This fact appears to be avoided in many discussions on the subject.
Thanks for reading!