05-06-2007, 01:38 PM
ServerGenius
Confirmed User
 
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
Quote:
Originally Posted by GrouchyAdmin
Hans - you have to do something about your compulsive 'return' key.. unless I fullscreen GFY, your replies look really strange.

Another thing that you slightly touched on for VirtualHosting, but didn't explain, was that not only are you all sharing the same webserver on that machine, most sites are running as the same user.

So, if someone's running WordPress on domainA.com, and it gets hacked. If you're on the same server as domainA.com, there's a very good likelihood that the person who hacked that site will drop things on the server.

One of the most common ways of that happening is people finding that their blogs now have <iframe> exploits which install spyware on the surfer's computer. When this happens, the webmaster has little recourse, as they're on a virtualserver, and as Hans noted, they rarely give a shit.

Even worse, if they do re-image the machine, and the webmaster for domainA.com puts their buggy install back, then it's just a matter of time until they get hacked again, which may start this whole process over.

lol yeah I forget to hit return quite often and have that fuck up the layout
of my reply.....lol I hate wordwrap.

Yes I haven't touched security issues in regards to virtualhosting and what
you say is true.....buggy scripts, wrong file/directory permissions are an even
bigger risk on vhosting than dedicated. I'm not even gonna start on providers
properly securing their servers or the servers of their clients, no matter whether it's
dedicated or virtual.

NEVER assume your servers are properly secured unless you've done it
yourself. Dedicated servers usually have an out of the box OS install on them
and you are responsible yourself for securing it. If you pay for fully managed
ALWAYS ASK what has been done and what hasn't. Ask if they set up a
firewall, ask for the rules they've added to it. Ask if they perform security
upgrades and how often. Ask what kind of monitoring they provide for your
server.

With anything goes ALWAYS ASK, NEVER ASSUME or you'll end up disappointed
at some point
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho |