Okay... In the past several weeks I've been reading these forums with every spare second I get. I've learned a lot from you guys and am almost ready to take my plunge in adding hosting to my business....


Question is this - How do enforce secure servers?

I see everyone talking about spammers, bad scripts that have loopholes, lots of stuff. How do you know when someone on your server is a spammer? My server said their currently scanning the servers for FormMail.pl - how are they doing that? Just manually in linux going into ALL of their customers folders and looking through it?

How do you make the info on your servers secure? So people can't just walk in and start defacing websites on your server?

How do you provide reliable security to YOUR customers?

One of the things we do is DO NOT give out Telnet/SSH to any of our clients.

See, my hoster is the same way. No telnet, no ssh - FTP only

Anyone else have any tips on security for web hosting?

What I should know and any other things?

If a host gives out PHP/Perl to customers without restricting it then disabling SSH isn't going to do a lot as PHP/Perl can both create their own command line.

i think you just really need to know your servers well. in a shared hosting environment, if you want anyone to actually pay for your services, you'll need to give them leeway.

example, php is largely insecure in a shared hosting environment as an apache module, but chances are you're going to let that slide, because it's fairly restrictive without.

basically, it's not what you can disable, but how you react to security issues as they happen. can you recognize the signs of "something going wrong"? can you debug the issue, and can you stop the damage before it happens or slow it down as much as possible?

Putting each customer in a chroot jail is a good idea but remember there are ways to break out and there are fixes for these break outs.

As far as finding formmail.pl, something as simple as

find / -name FormMail.pl

will search your ENTIRE system for FormMail.pl

so you might want to hone your search done to wherever you host your sites such as /home

find /home -name FormMail.pl

This is not exactly a good way considering anyone can rename FormMail.pl to anything they please, but it's a start.

You can do a LOT of cool stuff with find, many many pages can be written on it so read the man pages and search google :)