Sites hosted with us aren’t subject to website “cross-contamination”

One of our customers asked if multiple domain names hosted with us are vulnerable to “website cross-contamination”, a nasty security problem that can happen at many hosting companies when two different sites share the same “account”.

The answer is no. We intentionally handle multiple hosted domain names differently from the way most hosting companies handle extra hosted domain names, avoiding the problem.

What’s the difference?

Many hosting companies create each of your domain names as a folder under a single Unix “user account” on a server. Any script (including WordPress plugins and so on) running on one domain name has full access to all of those folders. That means a security bug in a script on one site can easily infect all of the sites by modifying files in those folders, and many try to do exactly that.

But we don’t make different domain names share a Unix user account like that. When you add another hosted domain name with separate content as “Add-On Hosting”, it gets its own separate Unix user account. Scripts running for one of your domain names don’t have access to the files of another domain name you host with us, so this kind of cross-contamination can’t happen.

The extra technical separation between domain names has other security advantages, too: for example, it allows our customers to give a third-party developer access to just one site. Security-conscious users can create separate FTP accounts or create separate SSH keys for individual domain names.

This is another example of the well-known trade-off between security and convenience. Occasionally people ask us why their sites don’t share files, and tell us the way we do it is inconvenient because they’re used to not keeping things separate. For some people, that’s probably true, but on balance, we’re glad we do it this way: the extra security outweighs the reduced convenience, and the balance is constantly tipping further in favor of more security.