Hello,
My main question is:
Do you consider Virtualmin secure enough to share hosting for customers who blatantly don’t feel inclined to update/patch vulnerable code in their websites which would allow an attacker to access (change/delete/upload/etc) the files on the web server (most specifically within their relative ~/public_html directory).
Is Virtualmin & linux robust enough in terms of the security setup & permissions that you don’t think this is even an issue. Or would you feel more inclined to suspect that in a situation like this, eventually one customer’s hack, could wind up affecting other customers, etc.
We are considering offering customers two hosting plans:
- Basic - Website is on a shared Virtualmin server with other websites from various customers.
- High Security - Website is on a shared Virtualmin server with other websites from other customers. Each of these customers monthly fees includes paying us a fixed amount to upgrade their Joomla install (as Joomla project security & maintenance updates are released) & upgrade/disable/replace Joomla plug-ins that have known vulnerabilities.
The main idea is that for customers who want a basic stagnant website AND the cheapest hosting, they all get grouped together onto one server that we do install Debian apt-get updates onto (including as prompted by Virtualmin, but also via apt-get manually).
If these customers Joomla installs are not updated every 3-10 weeks (depending on Joomala maintenance releases), their websites will effectively have security vulnerabilities. And depending on the nature of those vulnerabilities, an attacker may be able to remotely execute code, install a back-door PHP script, etc. Once this happens, our concern is whether they would be able to take it a step further & access/change OS/daemon configuration files, install kernel modules (root kits), etc. Also a concern would be whether they’d be able to access & mess with other customers website files, etc. We currently don’t allow SSH access (from outside of our network) to our servers. But I have seen some of the PHP tools these guys put on servers to give them a web front-end to try & further infiltrate the server via PHP. It is somewhat unsettling.
Hence our idea that we keep all customers who are willing to spend the money to keep on top of security updates on 1 Virtualmin server. And everybody else goes on the other server (which we have the assumption is more likely to eventually get hacked via a customer’s vulnerable PHP code).
What are others doing to address the security concerns? I would greatly appreciate the feedback from others in this community, as well as the best-practice recommendations from the Virtualmin devs themselves.
Thanks,
Doug Mortensen
Impala Networks, Inc.
www.impalanetworks.com