  1. #1
    Join Date
    Oct 2002
    Location
    Grand Rapids, Michigan
    Posts
    16

    Am I secure, really?

    I am a Cpanel shared hosting customer (of someone on this forum) and have a question.

    I run a business that manages sensitive data. I recently set up an SSL certificate on one of my domains, so clients can communicate sensitive data to me with a sense of security.

    Data is submitted by an online form and written to a page behind a password-protected directory on the server. I believe that the information transaction is secure, but what about the data that is now sitting in a directory on a shared environment?

    How can I be confident that nobody can access that data and cause me problems? I have no reason to distrust my reseller, but is there any guarantee of security & confidentiality either? Do they have any kind of access to my files?

  2. #2
    Join Date
    Apr 2002
    Location
    USA
    Posts
    5,779
    Root always has access to your files if they want them.

    You are best to encrypt the files if it is sensitive data; nothing connected to the internet is 100% secure.

  3. #3
    Join Date
    Oct 2002
    Location
    EU - east side
    Posts
    21,913
    Do they have any kind of access to my files?
    The server admin at least will have access to your files. He's root.

    Find a way to encrypt them if confidentiality is a very important thing.

    EDIT: I need to learn how to type faster.

  4. #4
    Join Date
    Oct 2002
    Location
    Grand Rapids, Michigan
    Posts
    16
    Thanks both of you for your answers. I guess I need to take this a step further and encrypt the data on the server.

  5. #5
    Join Date
    Feb 2004
    Location
    Scotland
    Posts
    2,830
    Just remember that if you encrypt them, as long as the script you use to encrypt them resides on the same server as the encrypted files, anyone with access to the machine would also be able to decrypt them.

  6. #6
    Join Date
    Oct 2002
    Location
    Grand Rapids, Michigan
    Posts
    16
    How do I get around that???

  7. #7
    Join Date
    Feb 2004
    Location
    Scotland
    Posts
    2,830
    Originally posted by frontrowmktg
    How do I get around that???
    Before we go any further, exactly what information is being stored? Are we talking about name, address etc type details or really sensitive data like Credit Card details?

  8. #8
    Join Date
    Oct 2002
    Location
    Grand Rapids, Michigan
    Posts
    16
    Credit card numbers/expiration dates, checking account numbers, social security numbers, dates of birth, addresses/phone numbers, etc.

    Yeah, pretty sensitive.

    Problem is, the volume is not nearly high enough to justify a dedicated server + someone to manage it.

  9. #9
    Join Date
    Feb 2002
    Posts
    1,137
    I wouldn't recommend storing that kind of information on a shared server; you really need to get a dedicated box.

  10. #10
    Join Date
    Oct 2002
    Location
    Grand Rapids, Michigan
    Posts
    16
    I should mention that I do not store it any longer than it takes to retrieve it and delete it.

  11. #11
    Join Date
    Feb 2004
    Location
    Scotland
    Posts
    2,830
    Originally posted by frontrowmktg
    I should mention that I do not store it any longer than it takes to retrieve it and delete it.
    I agree with Paul here, you shouldn't be storing this type of data on a shared server. Even if it is only for an hour or so, that's still a window for someone to gain access to it.

  12. #12
    Well, the server admin (root) has access to it for sure; would they look into your files? Maybe - but don't assume he won't.

    Additionally, there's various cPanel exploit scripts available online that allow any user to view the contents (backend) of any script on the server. This could happen if the hosting company you were on didn't properly secure their server.

    You should either encrypt all this information or move to dedicated.

  13. #13
    Join Date
    Feb 2004
    Location
    Scotland
    Posts
    2,830
    Originally posted by Kijit Solutions

    You should either encrypt all this information or move to dedicated.
    Sure you can encrypt it, but is there really a point when the encryption method (and therefore the decryption method) is stored with the data?

  14. #14
    Originally posted by Wullie
    Sure you can encrypt it, but is there really a point when the encryption method (and therefore the decryption method) is stored with the data?
    Yes. =)

    Purchase another cheap shared hosting package elsewhere for the sole purpose of parsing the encryptions. You can code a function in PHP, store it on the second server, while the encrypted data is on the server you're on atm. Pass the encrypted data to the script on the other server, and pass it back.

    It's cheaper than the dedicated solution, and gets the job done.

  15. #15
    Join Date
    Feb 2004
    Location
    Scotland
    Posts
    2,830
    Originally posted by Kijit Solutions
    Yes. =)

    Purchase another cheap shared hosting package elsewhere for the sole purpose of parsing the encryptions. You can code a function in PHP, store it on the second server, while the encrypted data is on the server you're on atm. Pass the encrypted data to the script on the other server, and pass it back.

    It's cheaper than the dedicated solution, and gets the job done.
    Your method requires the data to transfer between 2 servers unencrypted.

    I get the idea of what you are aiming at, my point was aimed more at the problems of storing the data and the encryption key together.

  16. #16
    Join Date
    May 2003
    Location
    Kirkland, WA
    Posts
    4,448
    Originally posted by Kijit Solutions

    Additionally, there's various cPanel exploit scripts available online that allow any user to view the contents (backend) of any script on the server. This could happen if the hosting company you were on didn't properly secure their server.
    These are not "cPanel exploit scripts" but rather PHP scripts which simply let users who are on servers not using phpsuexec view the contents of directories as the user "nobody".

    In actuality, if the admin is using phpsuexec, then not only will users not be able to view each other's files, thanks to recent ACL additions in the EDGE/CURRENT builds they won't be able to view httpd.conf and other system files as well.

    This is all a side issue, but I just wanted to clear up that these are not cPanel exploit scripts; nothing in these scripts relies on the fact that cPanel is on the system, rather simply on PHP/Apache.

  17. #17
    Join Date
    Oct 2002
    Location
    Grand Rapids, Michigan
    Posts
    16
    Bottom line, can I accomplish what I want to with the resources at hand with a reasonable expectation of strong security?

    Isn't this comparable to what all the millions of other small businesses do with shopping carts, etc. on shared environments?

  18. #18
    Join Date
    Jun 2002
    Location
    Waco, TX
    Posts
    5,292
    Can you use gpg? It has a public key and a private key. Have it use the public key to encrypt, and then only you, knowing the passphrase, can decode it. It could be stored on a shared server, and that, combined with SSL for the actual transmission of data, should be far better than anything else on a shared platform.

  19. #19
    Join Date
    Jun 2003
    Location
    United States of America
    Posts
    1,838
    Can we ask who your host is? Because if it's a professional company that does things right, you may be best off.
    Computer Steroids - Full service website development solutions since 2001.
    (612)234-2768 - Locally owned and operated in the Minneapolis, Minnesota area.

  20. #20
    Join Date
    Mar 2004
    Location
    New Zealand
    Posts
    533
    Use asynchronous (Public Key) encryption - RSA being the likely candidate.

    Store your private key on your workstation only.

    Have the public key on the server.

    Take your data from the client over SSL. Without writing it to a file (or database), encrypt it with the public key, then write the encrypted data out to the filesystem (or database).

    Retrieve the encrypted data and decrypt it using your private key, either on your workstation, or by passing the private key into the server (over SSL via a textarea or cookie, NOT as a file upload) at the time. Have the server decrypt the data and return the unencrypted data to you over the SSL connection, and make sure the server does not ever store the private key.

    Pretty straightforward. Very, very secure. The only downside is that once encrypted, the server cannot decrypt the data without you supplying the private key to it, so clients couldn't come and update the data, for example.
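
    The pattern posts #18 and #20 describe (public key on the shared server, private key only on the workstation), as an added example that is not code from any poster in this thread. It is written in Go using only the standard library, because Go ships RSA-OAEP and AES-GCM without third-party packages. Two things are my assumptions rather than anything the posts say: the envelope layout stored on the host, and the use of a fresh per-submission AES-256 key wrapped with RSA (hybrid encryption), since raw RSA can only encrypt a message shorter than the key. The key pair is generated in-process so the example runs stand-alone; in real use it is generated on the workstation and only the public key is deployed. The form contents are constructed sample data.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// Envelope layout written to the shared host's filesystem (my own layout, an assumption):
//   [RSA-OAEP-wrapped AES-256 key: pub.Size() bytes][12-byte GCM nonce][AES-GCM ciphertext + tag]
const nonceSize = 12

// EncryptForServer is the only cryptographic step that runs on the shared host.
// It needs just the public key, so root, another tenant, or a PHP script running
// as "nobody" can copy the envelope but has nothing that opens it.
func EncryptForServer(pub *rsa.PublicKey, submission []byte) ([]byte, error) {
	dek := make([]byte, 32) // fresh per-submission AES-256 key, held in memory only
	if _, err := io.ReadFull(rand.Reader, dek); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(dek)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, nonceSize)
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	// Only the 32-byte key goes through RSA; the form itself is encrypted with AES-GCM.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, dek, nil)
	if err != nil {
		return nil, err
	}
	env := append(wrapped, nonce...)
	return append(env, gcm.Seal(nil, nonce, submission, nil)...), nil
}

// DecryptOnWorkstation runs where the private key lives; the shared host never sees it.
// Any edit to the stored envelope makes gcm.Open fail, so a tampered file is
// reported as an error rather than silently decrypted to garbage.
func DecryptOnWorkstation(priv *rsa.PrivateKey, envelope []byte) ([]byte, error) {
	k := priv.Size()
	if len(envelope) < k+nonceSize {
		return nil, errors.New("envelope too short")
	}
	dek, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, envelope[:k], nil)
	if err != nil {
		return nil, err // wrong private key or corrupted wrapped key
	}
	block, err := aes.NewCipher(dek)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, envelope[k:k+nonceSize], envelope[k+nonceSize:], nil)
}

func main() {
	// Generated here only so the example runs stand-alone; in practice the private
	// half is created and kept on the workstation and only the public key is uploaded.
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	// Constructed sample submission, not real customer data.
	form := []byte("name=Jane Doe&card=0000000000000000&exp=01/30&ssn=000-00-0000")

	env, err := EncryptForServer(&priv.PublicKey, form) // shared host side
	if err != nil {
		panic(err)
	}
	fmt.Printf("stored envelope: %d bytes, starts %x\n", len(env), env[:8])

	got, err := DecryptOnWorkstation(priv, env) // workstation side
	if err != nil {
		panic(err)
	}
	fmt.Printf("recovered: %s\n", got)

	env[len(env)-1] ^= 1 // someone with filesystem access edits the stored file
	if _, err := DecryptOnWorkstation(priv, env); err != nil {
		fmt.Println("tampered envelope rejected:", err)
	}
}
```

    This answers Wullie's objection in #5 and #13: the decryption half never exists on the host, so a copy of the script plus the files gains an attacker nothing. What it does not solve is the window post #20 notes: the form data is in the web process's memory in plaintext until EncryptForServer returns, and root can read that memory, so keep that path short and never write the cleartext to disk first.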

  21. #21
    I wouldn't spare the expense of going with a dedicated server. Depending on your merchant agreement and their agreement with Visa and other credit card companies, you may have some liability in the event that you aren't following appropriate procedures to handle customer data.

    There are a lot of solid suggestions in this thread and a lot of information available via Google on how to encrypt extremely sensitive data. With careful planning and time/money, you should be good to go, but I'd recommend staying away from a shared environment for stuff like this.
