Running multiple sites on a LAMP with secure isolation
Posted
by David C.
on Server Fault
See other posts from Server Fault
or by David C.
Published on 2009-10-21T11:27:59Z
Indexed on
2010/05/01
12:58 UTC
Read the original article
Hit count: 390
Hi everybody, I have been administering a few LAMP servers with 2-5 sites on each of them. These are basically owned by the same user/client so there are no security issues except from attacks through vulnerable deamons or scripts. I am builing my own server and would like to start hosting multiple sites. My first concern is... ISOLATION. How can I avoid that a c99 script could deface all the virtual hosts? Also, should I prevent that c99 to be able to write/read the other sites' directories? (It is easy to "cat" a config.php from another site and then get into the mysql database) My server is a VPS with 512M burstable to 1G. Among the free hosting managers, is there any small one which works for my VPS? (which maybe is compatible with the security approach I would like to have) Currently I am not planning to host over 10 sites but I would not accept that a client/hacker could navigate into unwanted directories or, worse, run malicious scripts. FTP management would be fine. I don't want to complicate things with SSH isolation.
What is the best practice in this case? Basically, what do hosting companies do to sleep well? :)
Thanks very much! David
© Server Fault or respective owner