Home | Industrial Blogs | Shared Hosting Environment: Securing at OS kernel level – FREE is Not The BEST

Shared Hosting Environment: Securing at OS kernel level – FREE is Not The BEST

By
Font size: Decrease font Enlarge font
Cloud Linux Most Secured Cloud Linux Most Secured

Linux has taken the world-wide-web by a storm over the last decade and a half. August 2015 survey by Netcraft shows that Linux of different flavors powers about 64% of world-wide-web. Linux-Apache-Mysql (LAMP) is the most preferred platform for hosting companies. However, as the hosting environment becomes more hostile from a hacking point of view, security occupies the front seat.

Linux was never meant to be used by a large number of not vetted users. It is too easy for a hacker to obtain an account on your server (by using a stolen credit card and signing up or by abusing some outdated script -- – like Word Press, Joomla or Drupal for example  -- one of your customers has not updated for years).
Securing Apache, securing applications done in PHP are just two layers of security. The most important aspect of security in shared hosting environment also has to come at the kernel level to ensure a water-tight security model. Nonetheless, nothing on the internet is secure because the internet was not designed with security in mind. But, with constant plugging of security loopholes things are getting better.

Cloud Linux is a company that’s gaining prominence in the shared hosting environment because they provide a secure environment for shared hosting providers. Agreed, it comes at a recurring price and is not free like CentOS Linux. But, it’s a small price that no one would want paying every month for peace of mind and minimizing security vulnerability in shared hosting business.

So, what does Cloud Linux OS really do? Here are two critical features:

CageFS: Each hosting account on the server is caged. What this means is that even if one account gets hacked, the hacker cannot get to see system files, look at content and files of other users on the server. This essentially means that only the impacted user account is at risk. Usually, user accounts get hacked because of weak account passwords, insecure PHP applications.

SecureLinks Technology: This eliminates the soft- and hard-link creation that most hackers employ to compromise a system through a breached user account. They get access to all system files on the server using soft- and hard-links. With SecureLinks technology, this attempt get thwarted.
With CageFS and SecureLinks technologies, users are virtualized to their file systems, preventing any individual user from seeing any other users on the server. The biggest culprit is running outdate-and-insecure installations of WordPress, Joomla, and Drupal. The most major problem here is that some third party company does the sites for a few pennies less, and the site owners have no clue how and when to upgrade installations.

Website owners only wake up when the site gets hacked. Most of the Wordpress, Joomla, Drupal based site owners don’t even know that their site is already compromised and is being used to send out a huge amount of spam. Most of phishing emails can be traced back to an already hacked Wordpress site, which has been hacked only to send phishing emails.

With CageFS and SecureLinks technologies, the system is secured to a significant degree against entire server compromise. The Cloud Linux OS comes at a nominal monthly fee of US $14/month per server.

However, this doesn’t absolve the site owner from ensuring that they are running a secure version of the scripts. If you are running your site based on Wordpress, Joomla or Drupal and haven’t updated in the past six months, you can be sure that you are sitting on a time bomb. Find an expert to upgrade your installation. Agreed this will involve cost – not just one time but every time it needs an update – but that’s the price that you pay for having opted for something that you thought was FREE. There’s no FREE Lunch. Either you pay for regular upgrades or settle for a commercial script based websites where you get consistent support as part of the contract.

Keywords:cloud linux hosting, linux on cloud, lunux cloud hosting, cloud linus hosting companies, linux cloud hosting providers, cloud linux hosting india, linux hosting on cloud companies in india



  • Email to a friend Email to a friend
  • Print version Print version