Chapter 8. Shared Hosting


It is impossible to achieve a high level of security in a shared hosting environment. However, with some careful planning, you can avoid common mistakes and protect yourself from the most frequent attacks. While some practices require cooperation from your hosting service provider, there are others that you can employ yourself.

This chapter covers the primary risks associated with shared hosting. Although the same safeguards can be used to protect against many of these attacks, it helps to see each one demonstrated in order to appreciate the scope of the problem.

Because this book focuses on application security rather than infrastructure security, I do not discuss techniques that can be used to strengthen the security of the hosting environment. If you are a hosting service provider and need more information about infrastructure security, I recommend the following resources:

  • Apache Security, by Ivan Ristic (O'Reilly)

  • http://suphp.org/

  • http://wikipedia.org/wiki/chroot

Many examples in this chapter demonstrate attacks rather than safeguards. As such, they have intentional vulnerabilities.

To strengthen your understanding of the topics presented in this chapter, I highly recommend experimenting with the examples.





Essential PHP Security
Essential PHP Security
ISBN: 059600656X
EAN: 2147483647
Year: 2005
Pages: 110

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net