Secure shared hosting environment basics

Hi There,

I know this question has probably been churned over and over in various
different variations, so i applogise in advance if its one of those
‘here we go again’ posts :slight_smile:

We are a hosting provider that is currently using the LAMP stack to host
our clients websites. 80% of these are on our shared hosting instance
that currently has PHP 5.3 using safemode to assist in keeping sites to
their own area. We are looking to build a new shared service and have
been playing with nginx/php-fpm (on debian squeeze) and love the easy
configuration and speed.

My question is: What is the best way to go about setting up a shared
hosting environment for 1000’s of customers, which is secure from the
point of view that the customers can’t access other sites.

Im not looking for a how-to, really just a “this is the correct way you
should look todo this” hint that will point us in the right direction.

Thank you for reading!

PS: Would like to stick with debian if thats possible


On 29/10/2012, at 3:11 PM, Simon [email protected] wrote:

Thank you for reading!
From what i have read so far nginx is just not really setup for truly
secure shared hosting (multiple owners) - is this the case?



I would be interested by knowing which elements you consider to reach
a conclusion.
AFAIK, whichever Webserver you use, the problem lies on the environment
server configuration.

B. R.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs