By the way, the combination of these two things means that the shortest email address that will validate in (nearly) all format-validation routines is a single character at a two-character SLD under a two-character coutry-code TLD, such as “[email protected]”.

I have many friends who aren’t particularly techie types.  Actually, I have very few techie friends.  And they all figure I’m the go-to guy for their tech questions.  Hence, I get asked to “help out” with setting up web sites now and then.

At some point, it occurred to me that, while there were plenty of good vendors I could recommend to peope (I’ll even give a list of some below), if I suggested that a friend use one or more of these vendors, the friend would inevitably still have questions that were vague and not really tech-support questions, and they’d end up back asking me for help.  It’s much easier to help them if I don’t have to go digging through some hosting company’s control panel to find the one messed up setting that I could have fixed in 2 seconds with a command line…

So I should just provide these people with hosting.  This is how I entered the world of small, in some sense “boutique,” hosting.  I’m not a company with credit card processing and automated account setup and 24-7 tech support.  These aren’t mission-critical sites.  When I’m asked, “How do I go about setting up a web site for [X]?” I can explain the overall steps (get a domain name; get hosting; if these are separate, point name at host; make web pages; upload web pages), I can recommend commercial providers (list below), and I can add that while I can honestly recommend those vendors, I can also offer to deal with all the setup and hosting to the point where they have some control panel and can figure out page creation and uploading, and I’ll charge them something or other that we mutually agree is fair.

When things break, I can fix them on the server easily.  If they’re unhappy, I can help them move off to a commercial provider.  And, hopefully, what they pay me defrays the costs of the servers I’m already running my sites on.

Oh, and as a side note, unless you’re doing something fancy or getting a lot of traffic on your site, there is no reason to be paying more than about $1/month for hosting, and contracts longer than a year are probably a bad idea (except where the monthlies are so small as to make month-to-month impractical, say maybe under $5/month, or where there’s a deep discount for longer contracts, I strongly prefer month-to-month payment rather than yearly contracts).

Vendors I currently use:

• WorldWideDNS.net (DNS)
• No-IP.com (dynamic IP)
• RapidVPS.com (hosting)
• GoDaddy.com (domain names, SSL certs)
• LuxSci.com (email)

Vendors I have used in the past and think are generally good:

• ucvhost.com (hosting)
• No-IP.com (DNS, email)
• 5dollarhosting.com (hosting)
• hostrocket.com (hosting)
• fusemail.com (email)
• cheap-domainregistration.com (domain names)

(Oh, and unrelated to CAPTCHAs, I am right now grateful for the autosaving of drafts in WordPress, since, when I went to the hosting provider’s web site to check that I was correctly quoting them, I experienced the fourth crash of Firefox 3b5 tonight, all four of which have occurred when clicking on some part of this hosting provider’s control panel.)

I hate CAPTCHAs, but I think they are (in some instances) a necessary evil.  I have, in fact, even written my own in PHP, using a lot of the CAPTCHA-defeating research as a guide for building a computer-resistant but human-readable CAPTCHA, but again I’m getting away from my intended point.  To me, a CAPTCHA is a roadblock of last resort.  It’s annoying to your users, so if you decide to employ a CAPTCHA, either you don’t care about your users or you’re overrun with bots that cannot easily be stopped any other way.  The only places I’ve employed CAPTCHAs are on guestbook-type pages where the volume of spambot comments were such that I was hitting a disk quota issue and on account signup pages.  This hosting provider, however, wants me to deal with a CAPTCHA whenever I want to do anything with the account at all because, they say, they want to prevent automated login attempts.  Wouldn’t rate-limiting be a much better solution?  Maybe looking at user agents?  Javascript?  How about using something like Bad Behavior?

Ahh, well.  I’ll transfer the domain name out now, and when the hosting plan is up in about 16 months (2-year auto-renew, happened just before I took over), I’ll be moving that web site elsewhere.