Shared Web Hosting Security

Having roommates is a great way to cut down on the cost of rent. But would you ever move into a new place without knowing who your roommates were or how many roommates you had?

This is often the case for businesses that use shared web hosting for their websites. Shared hosting is a popular option for businesses looking to put their website online without the expense of hosting their website on a private or dedicated web server. Much like having roommates, shared web hosting services enables websites from multiple parties to reside on the same server (or live in the same home) to save money.

Soteria sees the value in shared web hosting for small companies, but wants businesses to understand the following associated shared web hosting security risks of being in such “close quarters” with other unknown websites:

Potential Shared Web Hosting Security Risks:

1. If a website hosted on a shared server is compromised by a hacker, the hacker could potentially gain access to every website hosted on the same server. (i.e. If a criminal breaks in through your roommate’s window, the criminal may gain access to every room in your house.)
2. A hacker could potentially host their own website on the shared server. (i.e. A criminal could be one of the roommates living in your house.)

By understanding these potential security risks of shared hosting, your business will be better equipped to mitigate them. Here are Soteria’s tips for improving security for businesses who opt to use shared web hosting services:

Suggestions for Mitigating Shared Web Hosting Security Risks

1. Conduct a reverse IP lookup to see what websites are hosted on your shared server. (i.e. Request to know who your roommates are.)Performing a reverse IP lookup periodically will provide you with insight into understanding which websites are hosted on your same server. A security expert can help with this process and will be able to help you with this process and determine the level of risk these “roommates” potentially pose to the security of your website.
2. Periodically conduct a web vulnerability scan and and devise a plan to address an identified security risks. (i.e. Identify possible points of entry into your room, such as unlocked windows and doors, and make a plan to secure them.) Web vulnerability scans are popular ways to get insight into the level of security of your website. A vulnerability scan will also provide you with specific recommendations on what you can do to strengthen your website’s defenses, making it more difficult for a potential hacker to compromise your site. Check out Helios™, Soteria’s vulnerability scanning tool, provided at little-to-no cost to Soteria’s SecureStart approved clients.

NOTE: Before selecting a hosting service, make sure you choose a provider that allows you to run vulnerability scans on your site and network. Because you do not own the server on which your website resides, you must ensure running vulnerability scans is permissible by your service provider. Always work with a security expert when conducting vulnerability scans.

Originally published at https://soteria.io/shared-web-hosting-security/ on December 2, 2016.