CageFS: Providing a Secure Web Hosting Environment

Posted in Blog, Security, Web Hosting on Jul 15, 2017

Security is a concern for us all these days whether we're out in person or conducting business online. And whatever the situation, the best way to stay safe is by acting proactively rather than reactively, and our approach to server security and account integrity is no different.

The Making of a Secure Host

A web hosting platform is secured as a collaborative effort of different mechanisms from anti-malware software and firewalls to operating systems and server management.

Essentially, there needs to be systems in place to counter the various methods hackers will use to access your information.

A good firewall should be capable of preventing the majority of forced entry hacks, however more subtle attempts, particularly those relying upon the exposure of vulnerabilities, can be effectively prevented with tight control of information relating to user access and server/software specification, for example.

CloudLinux & CageFS

All of our web hosting servers operate and are secured by the CloudLinux OS and CageFS. CloudLinux we know, is an industry leading operating system for Linux web hosting servers but what about CageFS?

Well, CageFS is a file system which creates and contains individual users in their own cage effectively isolated them from one another. Each user has access to all of the files and tools needed to efficiently run their own website, however as they segregated from other accounts hosted on the server they are unable to affect them in any way.

Restriction Without Being Restricted

I touched upon it briefly in the above paragraph, however the essence of CageFS is to provide each user with the resources they need and none of the things that they don't. Of course, this sounds logical but it wasn't always the case. And what's more, CageFS is able to deliver security without impeding performance or causing the user and sense of restriction.

Prior to the development of CageFS it was possible for any one individual to find usernames, view system config files and server processes of the other account holders on the server. Obviously, this was a vulnerability in the system and one which could be exploited if the right information fell into the wrong hands. Thanks to CageFS this is no longer the case, and this alone has gone a long way to promoting a secure hosting environment.

The Point

At this point in time, I'd imagine the vast majority of web hosts running Linux servers would be making use of CageFS, and the point of this blog wasn't to make it seems though this is a sudden introduction for us, as it's not; we've used this technology from the outset. The point was to give interested parties an insight one of the ways that we, just like many others, provide a stable and secure hosting platform.

Your Security

As this post should hopefully illustrate, we take security, both yours and ours, seriously and actively work to maintain a secure state. However, we can't protect against every eventuality and potential avenue of attack. This is why its equally important that you work to improve your own security by keeping your software up to date and only share access information with trusted sources.

Posted in Blog, Security, Web Hosting on Jul 15, 2017