Knowledgebase

Dedicated server security - CloudLinux, virtualization, separate VPS's, or...

Posted by UrbanDonkey, 03-24-2015, 11:14 AM
First, I'll admit that I'm a little paranoid when it comes to security. I have a fast, dedicated CentOS 6 server on which I host around 10 sites. My host, myself and the occasional IT contractor (usually when I break something) are the only people who have access, via SSH, cPanel/WHM, and SFTP. I rely on this server and these sites for my income, and they're complex enough that it would take quite some effort to recover. Thinking about a scenario in which one site is compromised and the attacker gains access to all of them, I've been thinking of something along the lines of CloudLinux, virtualization, or even switching to separate accounts with a host like Digital Ocean. Lets assume we've configured the server with most of the common security layering practices, but we're not especially quick with software updates. Do you think this would be worthwhile?
Posted by nisamudeen97, 03-24-2015, 12:19 PM
Hi, You have to find the exact reason of the hacking issue fist. First question that need answer is how it happened then you have to take further actions. You have to check acccess logs, FTP, apache and cpanel logs in detail. Detailed analyzis will provide you cause of the issue. >> Do you think this would be worthwhile? No It is not. Last edited by nisamudeen97; 03-24-2015 at 12:33 PM.
Posted by eth00, 03-24-2015, 09:26 PM
Security really comes down to risk management. You have to decide how much risk you would like to accept. Same goes for not always applying software updates quickly, its all about the risk. If you want to accept very little risk and have the most secure environment - virtualize away and don't forget the IPS, firewalls, etc! If you want to take on all of the risk throw everything on to one massive server with apache and php all running as a single user. In general of course you will have to find where the best middle ground is. I personally prefer using VMs to segregate things that are even mildly important. Do make sure that if you do virtualize you lock your hypervisor down very tightly so it is not the source of an attack on other machines. Virtuailzing does cause more resource overhead but it is more secure. If you are going to be doing shared hosting I would at least make sure that each site runs as its own user.


Was this answer helpful?

Add to Favourites Add to Favourites

Print this Article Print this Article
Also Read
NGINX load balancing and IP (Views: 559)
Bash script to check ioCube and suphp is installed (Views: 653)
What could this connection be? (Views: 492)
Reputable VPS supplier (Views: 610)
Wordpress 3.6.1 release -- Security (Views: 598)


Language:

Client Menu

 

Client Login

Email

Password

Remember Me

Search



  
 

Clients

Hosting

VPS Hosting

About Us

Contact Us

Copyright © 2015 DC International LLC in partnership with Bragin IT Solutions Inc. - All Rights Reserved.