Which server to choose for hosting website

[Japster]

I would like to know what server is better for hosting a webpage. A Linux server or a Microsoft server. Which one of the two is more vulnerable to virusses and hacking. I'm looking to open a site but would like to know which Server would be the best option to use.

[Goatboy]

It's mostly going to come down to what code you are running on it. More often than not, a server is compromised because of a vulnerability in the applications running on the website, as opposed to a specific exploit in the OS or web server itself.

[tremor77]

Quick rundown:

Linux servers often run standard LAMP: Linux, Apache (The Actual Webserver), MySQL, PHP. This setup is very common and very popular for web developers. You can add many common applications like content management systems (Droopal, Wordpress, etc.) very easily to this environment. This also tends to be a standard for the poor man and the open source community. Apache web server is vulnerable to the Slow HTTP DoS Attack. Beyond that most vulnerabilities are put into place by poor design and security of pages you make as Goatboy mentioned.

Microsoft servers don't get a fun acronym like LAMP, but let me try. Windows, IIS, Access, ASP = WIAA? Although it's easy enough to put another database like MySQL in place of the access bloatware. IIS is actually quite good as a web server, I've had the opportunity to use if for several years now on Server 2003 in a very large, multi-site production environment. However, because of how it is designed, permissions structure is a royal pain, administrating for windows is like herding cats... directory traversal javascript injection was a major issue and required a special plugin to prevent... and I just don't like ASP personally so I ended up setting up a WIMP server (Windows, IIS, MySQL, PHP). It's served me well at my place of work.

But when it came to my personal web server - I chose Linux.