web site security separation

bransom · May 23, 2013

What protects one web site on a cpanel server -- or the server itself -- from bad or poor practices (such as php or cgi that has XSS or other vulnerabilities) in another site on the same server? I have a small group of clients (under 2 dozen), only need web and sftp, so unless cpanel offers some form of easy security separation, I'm wondering if I'm better off just using straight apache with virtual sites.
Thanks

cPanelMichael · May 23, 2013

Hello

The PHP handler that you use partly contributes to this. You can find documentation on the PHP handlers available at:

Apache PHP Request Handling

Thank you.

ThinIce · May 26, 2013

You might find it interesting to read this post

http://forums.cpanel.net/f185/solutions-handling-symlink-attacks-202242-p23.html#post1397221

and understand the thread that it takes place in, which refers to a specific security weakness in the product stack. The 'solution' to this can go all the way back to the kernel, involve third party commercial software or be addressed using new experimental features in cPanel.

Thread starter	Similar threads	Forum	Replies	Date
R	ModSecurity False Positive WordPress - How can I temporarily whitelist specific for this website?	Security	12	Aug 12, 2020
J	SOLVED Security feature to protect website hosting in cPanel	Security	4	Nov 30, 2016
K	Website security problems	Security	1	Aug 15, 2016
T	Some security is interrupting website functions	Security	3	Oct 11, 2014
J	Removing CPanel and website Security DDOS Protection??	Security	4	Nov 15, 2012

Search

Search

web site security separation

bransom

Registered

cPanelMichael

Administrator

ThinIce

Well-Known Member