The ongoing risk of cross-contamination, or malware that spreads from one website to another when they are hosted in the same environment is one of the most prevalent issues that we see among many of our clients. This happens frequently in cPanel systems, especially when add-on domains are used or when Virtual Private Servers (VPS) are set up incorrectly. While we have long warned clients about the dangers of cross-contamination, we have yet to create any content that shows website owners how to do it specifically. Thankfully, that has changed today with the publication of our updated safe VPS setting guide!
Cross-contamination: What is it?
Security is not typically the first thing website owners think of when setting up their hosting environment. They’re eager to launch their brand-new websites, so why would they worry about hackers? In reality, most website owners only think about security after their website has been hacked, is spewing malware, and is being blocked by Google.
Website owners frequently choose the quickest, cheapest, and easiest method to configure their websites because, well, why wouldn’t they? However, numerous websites are crowded into a single instance of cPanel or are placed in the default directory of their hosting server (owned by the same person, no less). In that case, this might provide the ideal conditions for malware to propagate from website to website.
A single compromised administrator user on a WordPress site has the potential to shut down your entire fleet of websites, creating a tremendous headache (and costing a lot of money to fix). Trust us, we’ve seen it happen a lot!
With a little bit of knowledge and the help of PHP-FPM, you can set up a safe VPS hosting environment where cross-contamination is impossible.
Describe PHP-FPM.
A cutting-edge FastCGI process manager for PHP, PHP-FPM offers a considerable performance improvement over conventional CGI-based techniques. For PHP applications, it offers a reliable and expandable architecture that enables the secure division of various websites running on the same server. When trying to prevent malware cross-contamination, which is a regular problem when hosting many websites on the same VPS, this isolation is especially helpful.
We may utilize NGINX in conjunction with PHP-FPM for a scalable environment to host several websites securely with a basic LEMP stack (Linux, NGINX, MySql/MariaDB, and PHP). File ownership and permissions are only half the battle; it’s also crucial that different users operate the PHP process underneath it on the server. The secret to preventing cross-contamination is this!
You should be familiar with SSH and the command line interface. But don’t worry; now is the ideal moment to learn if you are unfamiliar.
Conclusion
There is no “one size fits all” answer in the field of cybersecurity. However, implementing PHP-FPM on your VPS offers a strong and reliable safeguard against a security problem with one website spreading to others. By preventing cross-contamination, this configuration enables us to improve the security and safety of the digital environment.
Keep in mind that creating a safe environment is only the first step. You can stay ahead of any security threats by regularly updating and monitoring your systems. This arrangement will aid in preventing the transmission of malware among websites, but it won’t entirely shield them from hacking attempts. Utilizing 2FA, regular website upkeep, allowing automatic plugin updates, securing your administrator panel, employing a website firewall, and hardening WordPress are all things we always advise.
