A web hosting service where multiple independent websites are served by the same machine.
Shared hosting refers to a web hosting service where multiple independent websites are served by the same machine.
Questions tagged [shared-hosting]
76 questions
7
votes
2 answers
Could one create a vulnerable website on purpose to attack a server of a hosting provider?
Is it possible for a vulnerability in one application to be exploited to attack another application on the same server?
So according to the answer to the question above it is possible that when one website on a server is vulnerable to remote…
Just van der Veeken
- 593
- 4
- 10
6
votes
5 answers
Is storing plaintext passwords for email accounts any less bad?
I recently found out that the company I use for shared hosting stores passwords for email accounts in plaintext (they mentioned this to me incidentally, while troubleshooting another issue). They're a major company that does business and e-commerce…
octern
- 180
- 1
- 9
6
votes
2 answers
Will sabotaging a shared web hosting account threaten the security of sibling accounts being that they are shared on the same server?
Will sabotaging a shared web hosting account threaten the security of sibling accounts being that they are shared on the same server?
Whether it it be through htaccess setups, posting login credentials and configuration specifics publicly, or the…
user3359276
- 61
- 1
6
votes
3 answers
Any threats from isolated subdomain (controlled by hacker)?
I have a domain and a subdomain (on the same hosting) with isolated, jailed directories (no ability to go from one to another) and separate user accounts, as if they were two different domains (has own Control Panels, with full DNS ZONE…
T.Todua
- 2,677
- 4
- 19
- 28
6
votes
2 answers
Is it safe to use Memcached in a shared hosting environment?
The shared hosting I am using had Memcached enabled, I searched some forums that using Memcached in a shared hosting environment, can cause security problems like view the cache of the other user, edit the cache, etc. But the date is way back 2013,…
Da Heel
- 81
- 1
- 2
5
votes
2 answers
SAQ A-EP Requirements for VPS Hosting
We are hosting a site on a self-managed Digital Ocean VPS ("Droplet") that will be taking payments via Stripe using their stripe.js API. According to PCI, we have determined that we fall under the SAQ A-EP.
However, the SAQ A-EP (Part 2g) states…
John Mahoney
- 153
- 4
5
votes
3 answers
Recent hack appends to all javascript files
I have about 10 websites hosted on shared server by a2hosting, on apr 20 some of the js files for some of the websites were appended with a function that detects the device and if it is mobile it redirects to other websites with promotions. Using…
AntK
- 153
- 4
4
votes
1 answer
How much of a security problem is PHP's proc_open() on a shared host
My company is developing a PHP system that needs to interact with Git on the server, which can currently most conveniently be done by allowing external calls via proc_open(), system() and the likes. The problem is that our clients typically use…
Borek Bernard
- 345
- 1
- 4
- 11
4
votes
2 answers
Defense against same origin attacks?
The Question:
How do I, as the victim, protect my site from being manipulated into doing something it's not supposed to, on a shared host? Same-Origin policy looks the other way. Most convenient would probably be if I could somehow say something…
Gima
- 143
- 4
4
votes
2 answers
Evaluating hosting providers for CC development environment
An organization that develops software that may be subject to security evaluations such as Common Criteria is looking to externalize part of its IT infrastructure, including critical components such as source control management (i.e. internal…
Gilles 'SO- stop being evil'
- 50,912
- 13
- 120
- 179
3
votes
2 answers
Shared hosting hacked. Should I report this to someone?
A malware file appeared on a friend's server as described in this question. It's a file called "images.php" that is designed to look like nothing important, whose sole function is to wait for an unknown party to send it some code to execute.
The…
Robert
- 607
- 5
- 13
3
votes
1 answer
Visitors logs show \x80w\x01\x03\x01 the HNAP1
Can anyone tell me what this means? I'm on Bluehost with a shared server.
[ip]71.63.199.72 [url]HNAP1 [size] 134 [status] 401 [method]GET [protocol] HTTP/1.1 [referring url] My server address
[ip]71.63.199.72 [url]401 [size] 0 [status] 0…
sofia
- 31
- 2
3
votes
4 answers
Shared hosting vs VPS
I have an Asp.net site. Which hosting system do I need to secure it adequately* against anyone reading private information that's on the server? This is assuming I'm not worried about the sysadmins getting it.
Note: Even if no one gets control of…
ispiro
- 773
- 1
- 7
- 18
3
votes
3 answers
Shared hosting mail server, Thunderbird and encryption
In spite of much searching on the internet, I can't really get an adequate understanding of this topic, perhaps because it combines multiple elements. As a result, I'm really worried about the state of my e-mail security.
The website/mail server is…
John Smith
- 31
- 2
3
votes
1 answer
How to forward an specific FTP User to a Honeypot?
What I'm trying to do is to forward a specific FTP-User to a Honeypot, because the main server is for Shared Hosting and there's a lot of traffic, and I don't want to spend all the resources in monitoring users that I don't want to.
Is there a…
Felipe Leñero
- 31
- 3