Restricting Shared Hosting Accounts

Shared hosting is a type of web hosting where multiple users share the same server. If you have a dedicated server, you might offer shared hosting accounts to your users who need hosting accounts with their own domains but are not ready for a VPS or dedicated server of their own.

Because shared hosting users have to coexist on the same server with others, it is necessary to have rules in place for the “greater good”, just as a society has common laws. What follows are some of the restrictions you might want to have in place to ensure shared hosting harmony.

1. Disable root – It goes without saying that you should refrain from giving your users root access, but you should also make it impossible for them to even try to gain root privileges. Make sure only your user account can run the “su” or “sudo” command to gain root access.

2. Jail users – You can use chroot or some other technology to make sure users cannot go beyond their home directories when using their control panel file managers, FTP, or other method of access.

3. Restrict SSH – In the right hands SSH is a powerful tool for managing a server. For most shared hosting users, it is unnecessary. Disable it by default on new accounts. If users have a legitimate need for it, they can request it.

Shared hosting is a great feature to offer to your clients, even on a small scale, but it does require a good amount of work, monitoring, and security management. By limiting the amount of inadvertent damage your customers can do, you can save yourself from difficulty and keep your server running smoothly.