Unfortunately I got into a bit of an argument with somebody today about the management of their cPanel server. As a sysadmin of over 17 years – starting my career by setting up an ISP from scratch through to high performance computing at two BAFTA and Academy Award winning companies and as a senior systems administrator at a Government-approved, multi-award winning web hosting facility, I am all too aware of the “putting one’s eggs in a basket” approach.
While control panel systems like cPanel/WHM, Parallels Plesk and Webmin make it easy to host a web site with minimum effort, it still takes some skill in administering the server when one is hosting many web sites. Unless you’re hosting a server just full of WordPress sites, keeping a configuration that’s both secure and flexible enough to keep your server running, satisfy your PHP application’s requirements, and your web sites free of security issues is not much fun.
I’m concerned that I am seeing far too many people cramming as many sites on a cPanel server as possible and expecting it to work after 200 sites of varying system and bandwidth requirements are all running at the same time. A dedicated server may be a workhorse, but you’ve got to work to a lowest common denominator to be able to run your site. That does not necessarily mean that the site will run optimally.
On top of all that, you need to factor in security. Security of the daemons such as Apache, MySQL and PHP along with Exim, Dovecot, SpamAssassin and everything else in-between. suPHP has been a popular method of getting PHP scripts to run within the Linux userspace as the user and not that of the web server. It additionally checks the permissions of the script to ensure that nothing bad can happen. Too many people still use open, insecure permissions such as 777 (any and every user can read, write and delete) with sites such as WordPress or Joomla, leading to exploits where attackers can upload PHP scripts of their own, or phishing HTML files that can be used to capture security information.
The trouble with suPHP is that it can be slow, but there is a newer (somewhat experimental) mechanism called mod_ruid2 (for Apache) that provides similar (although is not as strict at checking permissions) protection. The point being is that nobody has to run PHP scripts or set directories with insecure permissions that would allow an attacker to misuse their server. When you’re dealing with many, many sites on a single machine this is vital.
I’m seeing far too many compromised servers – and even more frustrating that people using these servers are not familiar with them sufficiently to be able to ensure sufficient security of their server. This is of course on top of ensuring that their PHP applications are kept up to date, and that they’ve checked the security of any plugins (the biggest culprit in compromised sites alongside dodgy file permissions) to go along with it.
With the control panel methods I mentioned above, these servers can act as a email server for each account too. The problem here is passwords. Few of these control panel systems offer two-factor authentication, and it doesn’t take long for somebody to use an insecure password before an email account is compromised and use to send phishing/spam email.
And add to that should the main server itself go off line, you have no email, no web server, no database, nothing. The eggs in a basket thing.
I cannot stress enough that when considering web hosting, plan to use multiple servers (whether virtual or dedicated) and split your services and applications among them. Go with a company that offers load balancing (control panel systems like cPanel or Plesk are not suitable for this, so you’re going to need to get your hands dirty with config files and the command line) for high availability.
Weigh up your requirements – sticking it on a control panel based system is not necessarily the best option.