I have a small reseller account but all the domains are managed by myself. Security has not been a problem because the sites are simple, but now I have a need to deliver and receive private files. I know how to keep the website itself secure: writing my own sessions, using explicit variables, storing sensitive data outside of the web directories and that sort of stuff, but it is my 'neighbors' that bother me. If one of them gets hacked or I get a bad neighbor sharing the server I do not want them to have access to my files and passwords.
A few years ago I wrote a browsing script that I found out had the ability to escape my own area and roam freely around every area on the server with unlimited access to every file. When I complained about it, the server admin said that I had nothing to worry about. When I pressed the issue I was told that nobody could invade my files because it was against the rules to go into other people's accounts. It turned out most server administrators left things open to eliminate scripting problems for their users and there was really no way to lock down a server without breaking a lot of scripts. At the time I moved to a more secure server but they eventually opened things up because of too many complaints and help requests.
Have things changed? Have they worked out the issues with shared servers? Is there a way to tell if my host has implemented proper safeguards (if any viable ones exist)?
This is why I moved from a shared server to a VPS to, eventually, a dedicated server. I didn't trust the shared server and shared database, shared web server and so on.
There are some pretty inexpensive VPS servers out there. I'd take a look at that. Your administrative duties may increase depending on the type of package you select but you will be far more isolated from your neighbors. A dedicated server would be the ultimate way to go as there aren't neighbors, but your costs will increase when going this way.
There is always a risk with shared environments that are not properly secured, and you are going to have to live with it or find a provider that takes care of these sorts of things. It's either that or getting a dedicated server, to ensure there is absolutely no third party except you that has access to your data (without counting the datacenter that has physical access to your drive), though it depends how strongly you feel about security and if you store important information in your files.
It really depends... If you're being told something stupid like "nobody could invade my files because it was against the rules" or "In cpanel you can Password Protect directories"... it pretty obviously shows those in control have no real clue about system security.
It really depends on how your shared hosting provider sets things up. Is it possible to set things up with adequate security... yes. Many hosts still don't do it though.
You're always going to have problems if the shared hosting box gets rooted... But protection from any other user being able to roam through your files is something which can be stopped with the right security setup.
I am wondering how I could find and verify a host who does keep the accounts secure? At the very least I am guessing they would need to keep PHP in safe_mode and not allow any other scripting at all, which would be difficult to market and require additional support staff as well.
I am afraid a dedicated box is outside my means. On a shared system I have considered encrypting the docs delivered to me and keeping the key on my home box but I have not really investigated the viability nor have I figured out how to seamlessly deliver files to clients in a secure manner. I have also considered hashing the passwords stored outside the directory and using my scripts to decode them but this only adds a minor layer of protection.
Currently files are being exchanged via email, sometimes in password protected zip files. I am hoping to make it way more secure than that. I may need to investigate a VPS solution from a verifiably reputable company with internal security measures in place, but then I would also be starting from scratch learning how to set up and harden my own space.
If your hosting provider is running suPHP (or php as CGI in some form) and suexec for CGI and if you are scripting in those languages on your account, then you can further lock down your account based on the Linux filesystem. Just chmod your directories to 0700 and your files to 0600. Then only two users would be able to read the files and directories, you and root.
This would prevent any problems from other accounts being able to read your files, whether intentional or through an exploited script. However, this also means that you have to keep all of the scripts installed on your account up-to-date (because they would run as your username and still have access to these files and directories) and you would need to stay on top of security alerts for any custom written scripts.
The only other way your files would be exploited on the server is if the server is root compromised, that is a hacker gains entrance to the server and attains root privileges in some manner, but this is also an issue you would run into on a dedicated server or VPS.
Still I would recommend using a VPS. Because otherwise you are always going to be looking over your back or second guessing yourself. You would still have to worry about potential root compromises, but root compromises are extremely rare. But in a shared environment there are more entry points and on a VPS or dedicated server you would have more control over what services to run and what doors to have open.
The encryption thing is also a good idea, because the saying is that if anything is publicly available, then people can get to it. Even though I think you could move permissions around and make it extremely less likely, it's just not something that is safe to assume. Strong encryption means that even if someone is able to bypass all the permission settings you have, they would still have to crack the encryption (which again you never assume that they can't -- but this would basically boil down to never putting anything on the Internet).
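The 0700/0600 advice above only helps when the web server runs your scripts as your own user (suPHP/suexec). The script below is an added example, not code from this thread: it writes a small PHP probe (assumed helper) to check which user PHP runs as, lists everything in a tree that a neighbour account could read, and applies the 0700/0600 scheme. It assumes a POSIX sh with find, ls and cut.

```shell
#!/bin/sh
# Added example, not code from the thread. Assumes POSIX sh, find, ls, cut.

# write_probe FILE: write a PHP probe (assumed helper; fetch it through the
# web server) that reports whether PHP executes as the file's owner.
# If it prints "no", PHP runs as the web server user (mod_php) and 0600
# files would break the site, so the chmod advice does not apply there.
write_probe() {
    cat > "$1" <<'EOF'
<?php
$owner = fileowner(__FILE__);
$proc  = function_exists('posix_geteuid') ? posix_geteuid() : -1;
echo ($proc === $owner) ? "yes\n" : "no\n";
EOF
}

# exposed PATH: true if any group or world permission bit is set.
# Columns 5-10 of "ls -ld" output hold the group and other rwx triplets.
exposed() {
    [ "$(ls -ld "$1" | cut -c5-10)" != "------" ]
}

# list_exposed DIR: print every file or directory under DIR that a
# neighbour account could read, traverse or execute, one per line.
list_exposed() {
    find "$1" \( -type f -o -type d \) -print | sort |
    while IFS= read -r p; do
        if exposed "$p"; then printf '%s\n' "$p"; fi
    done
}

# count_exposed DIR: number of exposed entries, handy in scripts and tests.
count_exposed() {
    list_exposed "$1" | wc -l | tr -d ' '
}

# lock_down DIR: directories 0700, files 0600, for the whole tree.
lock_down() {
    find "$1" -type d -exec chmod 0700 {} +
    find "$1" -type f -exec chmod 0600 {} +
}

# Usage: write_probe ~/public_html/probe.php, visit it, and if it says
# "yes": list_exposed ~/public_html; lock_down ~/public_html
```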
If you are really bothered about the security of the server, get a VPS at least. The shared server is the least secure of the lot. If you are the admin on a shared server, you wouldn't be able to implement most of the security features because that would break one or two applications installed on customers' websites.
A shared server can be secured to some extent using hardware firewalls with an Intrusion Detection System. However, the cost of the hardware firewall and the low price of the shared hosting packages do not allow the hosters to implement it. Hence most of the hosters shy away from security. A VPS or a dedicated server is always the best option if your website or emails are critical for your business existence.
I'm not sure how you can say that really. It totally comes down to how well the server is set up with both VPS and dedicated, but shared hosting, however it is set up, can never be as secure as a VPS or dedicated server. There are only minor security differences between VPS and dedicated when it comes to security, although the biggest one is how much you trust your provider. If you don't really trust them, VPS isn't for you, in most cases, as they can access the file system etc., whereas on dedicated they cannot without your root password. This also applies to VMware: the provider cannot directly access the content of a VM without the root pass, although I'm sure there are 3rd party applications about that allow this; I haven't seen any as yet.
A dedicated server provider could boot the machine in single-user mode and not need the root password. Although doing this without the customer's consent is unethical, that still doesn't mean it's not possible.
I think the point is that you have to weigh how much security you need applied to this particular information. Any time you have a machine hooked up to the Internet, no matter where it is, you have to assume that hackers or someone could access the data, it just depends on how much effort they really want to go into to access the data.
You just have to remember that every bit of security you apply makes the solution that much more expensive. Expensive in this sense doesn't necessarily apply to money, but it could be more restrictive for authorized users to access, more expensive in terms of time. You just have to weigh this for your needs. Everyone's needs are different and each person has to find the point where they are most comfortable in terms of cost and security.
If they did that the customer would be alerted to the matter, and still, if you need that level of security your server should be your own hardware, in a locked case, in a secure cage that only people you have security-cleared to access the systems can get to.
Software security is worthless if the physical security isn't up to it.
Thanks a lot for the comments! Obviously the level of security comes down to a matter of balancing priorities. I have been researching securing a VPS or dedicated server and it seems that even after I climb the learning curve it may still be a full time job staying on top of security.
I found some discussion on the Sphera virtualization which is not too popular around here due to the lack of root access but I am wondering whether that might be more what I need. I would still be reliant on the host to keep the server secure but realistically they would probably do a better job than I could myself. If I sign up with a responsible host on such a configuration perhaps I would have VPS type security on a shared solution?
Again, it depends on what level of security you are wanting and how much you are willing to pay. It sounds like security is very important to you, more so than the average shared hosting customer. For that reason I would stay away from shared hosting. With shared hosting you are really at the mercy of the administrator of that server and the rest of the accounts that you are sharing the server with. On a shared hosting server, an account on the server that is running an outdated script may be exploited and could possibly access your account. Again this depends on how well the server administrator has locked down the server and how you use permissions on your files on your account.
Ideally you want to be the only account on a server. This way you are not at the mercy of other accounts and their outdated or misconfigured scripts. This isn't to say that one of the scripts on your account could not be exploited, but if this happens you really only have one person to blame.