Posts Topics Forums Images
Search videos from message boards Videos Search messages from microblogs Microblogs Search messages from imdb.com Imdb Search messages from yuku.com Yuku Search messages from lefora.com (free forums) Lefora
My account: Login | Sign Up
Loading... 

Thread: Secure Shared Hosting ... A Paradox?
Started 1 month, 3 weeks ago by dakman
We have several VPS's reselling shared hosting, and as we grow our shared hosting operations, I've realized how its almost impossible to have every user, developer or who ever is accessing our shared accounts to properly lock down their scripts eg set proper permissions... But what I don't get is how larger shared hosting providers (which we plan on becoming) fully lock out homedir/User A from ...
Site: WebHostingTalk Forums - Web Hosting Discussion  WebHostingTalk Forums - Web Hosting Discussion - site profile
Forum: Technical & Security Issues  Technical & Security Issues - forum profile
Total authors: 4 authors
Total thread posts: 3 posts
Thread activity: no new posts during last week
Domain info for: webhostingtalk.com

Other posts in this thread:

vapetrov replied 1 month, 3 weeks ago
If you looking about 640 permissions try to google about umask. Do not forget to apply it to ftp server. It easy to set up proper permissions. Just set 750 for every dir in /home and add apache/nobody user to every group. Sure you need to use suphp or fastcgi to prevent scripts run as apache/nobody. With this 640 permissions and open_basedir not really necessary.
Size: 387 bytes
Customize:  Customize "<b>Reply 1</b>: Secure Shared Hosting ... A Paradox? :: Technical & Security Issues :: WebHostingTalk Forums - Web Hosting Discussion"

dakman replied 1 month, 3 weeks ago
But if a shared user sets file permissions to 644 and 755 for their files/folders how would that work? Is there a way to make open_basedir apply for ANY file/folder in a users home directory so that User A's files BOTH php and non-php, no matter what permissions are set, can't be viewed by User B (by SSH, FTP, PHP include or any other type access)? According to what I hear the only solution...
Size: 935 bytes
Customize:  Customize "<b>Reply 2</b>: Secure Shared Hosting ... A Paradox? :: Technical & Security Issues :: WebHostingTalk Forums - Web Hosting Discussion"

 

Top contributing authors

Name
Posts
dakman
2
user's latest post:
Secure Shared Hosting ... A...
Published (2009-11-06 00:33:00)
But if a shared user sets file permissions to 644 and 755 for their files/folders how would that work? Is there a way to make open_basedir apply for ANY file/folder in a users home directory so that User A's files BOTH php and non-php, no matter what permissions are set, can't be viewed by User B (by SSH, FTP, PHP include or any other type access)? According to what I hear the only solution to protect users and still have their files...
vapetrov
1
user's latest post:
Secure Shared Hosting ... A...
Published (2009-11-05 02:28:00)
If you looking about 640 permissions try to google about umask. Do not forget to apply it to ftp server. It easy to set up proper permissions. Just set 750 for every dir in /home and add apache/nobody user to every group. Sure you need to use suphp or fastcgi to prevent scripts run as apache/nobody. With this 640 permissions and open_basedir not really necessary.
dakman View Beta Profile Newbie
1
user's latest post:
Secure Shared Hosting ... A...
Published (2009-11-06 00:33:00)
But if a shared user sets file permissions to 644 and 755 for their files/folders how would that work? Is there a way to make open_basedir apply for ANY file/folder in a users home directory so that User A's files BOTH php and non-php, no matter what permissions are set, can't be viewed by User B (by SSH, FTP, PHP include or any other type access)? According to what I hear the only solution to protect users and still have their files...
dakman dakman is offline View...
1
user's latest post:
Secure Shared Hosting ... A...
Published (2009-11-06 00:33:00)
But if a shared user sets file permissions to 644 and 755 for their files/folders how would that work? Is there a way to make open_basedir apply for ANY file/folder in a users home directory so that User A's files BOTH php and non-php, no matter what permissions are set, can't be viewed by User B (by SSH, FTP, PHP include or any other type access)? According to what I hear the only solution to protect users and still have their files...

Related threads on "WebHostingTalk Forums - Web Hosting Discussion":

Simply the fastest shared hosting | Affordable and Secure...  WebHostingTalk Forums - Web Hosting Discussion - site profile Shared Hosting Offers - forum profile Simply the fastest shared hosting | Affordable and Secure | LiteSpeedPowered
Simply the fastest shared hosting | Affordable and Secure | LiteSpeedPowered
Shared Hosting – RVSkins | RVSiteBuilder | Account...  WebHostingTalk Forums - Web Hosting Discussion - site profile Shared Hosting Offers - forum profile Shared Hosting – RVSkins | RVSiteBuilder | Account Manager | Highly Secure & Reliable
Shared Hosting – RVSkins | RVSiteBuilder | Account Manager | Highly Secure & Reliable
VPS Hosting, Shared Hosting, Reseller Hosting or...  WebHostingTalk Forums - Web Hosting Discussion - site profile Other Hosting Related Requests - forum profile VPS Hosting, Shared Hosting, Reseller Hosting or Dedicated Hosting clients needed!
VPS Hosting, Shared Hosting, Reseller Hosting or Dedicated Hosting clients needed!
Order >Proxy Hosting | Shared Hosting|Reseller Hosting...  WebHostingTalk Forums - Web Hosting Discussion - site profile Shared Hosting Offers - forum profile Order >Proxy Hosting | Shared Hosting|Reseller Hosting | 4+ Years in Hosting Industr
Order >Proxy Hosting | Shared Hosting|Reseller Hosting | 4+ Years in Hosting Industr
Reliable and Secure; Web Hosting | Email Hosting | Domain...  WebHostingTalk Forums - Web Hosting Discussion - site profile Shared Hosting Offers - forum profile Reliable and Secure; Web Hosting | Email Hosting | Domain Name Registration
Reliable and Secure; Web Hosting | Email Hosting | Domain Name Registration

Related threads on other sites:

Secure Shared Hosting with PHP on IIS6  Forums - IIS.net - site profile PHP Community - forum profile Secure Shared Hosting with PHP on IIS6
Secure Shared Hosting with PHP on IIS6
Secure FTP On GoDaddy Shared Hosting Accounts: How to...  Twitter / kenscott - site profile kenscott - forum profile Secure FTP On GoDaddy Shared Hosting Accounts: How to securely access files over FTP on GoDaddy shared hosting, and reas http://url4.eu/Isiy 5:34 AM Aug 25th from RSS2Twitter
Secure FTP On GoDaddy Shared Hosting Accounts: How to securely access files over FTP on GoDaddy shared hosting, and reas http://url4.eu/Isiy 5:34 AM Aug 25th from RSS2Twitter
Reading Secure FTP On GoDaddy Shared Hosting Accounts -...  Twitter / ryantxr - site profile ryantxr - forum profile Reading Secure FTP On GoDaddy Shared Hosting Accounts - How to securely access files over FTP on GoDaddy shared hos... http://ow.ly/15MixI about 18 hours ago from HootSuite
Reading Secure FTP On GoDaddy Shared Hosting Accounts - How to securely access files over FTP on GoDaddy shared hos... http://ow.ly/15MixI about 18 hours ago from HootSuite
I hate shared hosting.. I hate shared hosting.. I hate...  Twitter / Kastang - site profile Josh - forum profile I hate shared hosting.. I hate shared hosting.. I hate shared hosting.. about 1 hour ago from web
I hate shared hosting.. I hate shared hosting.. I hate shared hosting.. about 1 hour ago from web
Is this connection string secure on shared hosting?  DevNetwork Forums - site profile PHP - Code - forum profile Is this connection string secure on shared hosting?
Is this connection string secure on shared hosting?
Professional Shared Secure Kwaliteit Hosting  webhostingtalk.nl - site profile Hosting Aanbiedingen en Registraties - forum profile Professional Shared Secure Kwaliteit Hosting
Professional Shared Secure Kwaliteit Hosting
I'm willing to debate the security of Cloud Hosting vs...  Twitter / brianjeremy - site profile brianjeremy - forum profile I'm willing to debate the security of Cloud Hosting vs Dedicated Hosting vs Shared Hosting. #cloud #hosting #security 8:07 PM Jun 21st from Tweetie
I'm willing to debate the security of Cloud Hosting vs Dedicated Hosting vs Shared Hosting. #cloud #hosting #security 8:07 PM Jun 21st from Tweetie
Mellowhost - 50% Off for Life - Fast, Secure &...  NamePros.Com - Buy, Sell, & Discuss Domain Names - site profile Web Hosting Offers - forum profile Mellowhost - 50% Off for Life - Fast, Secure & Reliable Shared Hosting
Mellowhost - 50% Off for Life - Fast, Secure & Reliable Shared Hosting
Godaddy Promos : 20% off shared hosting...  domainname - Identi.ca - site profile domainname - forum profile Godaddy Promos : 20% off shared hosting http://www.domaincoupons.org/domain-names/godaddycom-promos-20-off-shared-hosting/ Published about 10 days ago From web
Godaddy Promos : 20% off shared hosting http://www.domaincoupons.org/domain-names/godaddycom-promos-20-off-shared-hosting/ Published about 10 days ago From web
Shared hosting  Fuzioned Forums - Powered by vBulletin - site profile The Pub - forum profile Shared hosting
Shared hosting
Thread profile page for "Secure Shared Hosting ... A Paradox?" on http://www.webhostingtalk.com. This report page is a snippet summary view from a single thread "Secure Shared Hosting ... A Paradox?", located on the Message Board at http://www.webhostingtalk.com. This thread profile page shows the thread statistics for: Total Authors, Total Thread Posts, and Thread Activity