Running multiple sites on LAMP with secure isolation
I have managed multiple LAMP servers with 2-5 sites on each. They are mostly owned by the same user / client, so there are no security issues other than attacks through vulnerable daemons or scripts. I am building my own server and would like to start hosting multiple sites. My first problem is ISOLATION. How can I prevent the c99 script from destroying all virtual hosts? Also, should I prevent c99 from being able to write / read directories of other sites? (Easily "cat" config.php from another site and then log into the MySQL database.) My server is a VPS with 512MB available for 1G. Among the free hosting managers, is there a small one that works for my VPS? (One which is arguably compatible with the security approach, which I would like.) I do not currently plan to host more than 10 sites, but I would disagree that a client / hacker can navigate unwanted directories or, worse, run malicious scripts. FTP management will be fine. I don't want to complicate things with SSH isolation.
What's the best practice in this case? Basically what do hosting companies do to sleep well? :)
Many thanks! David
You must use the PHP open_basedir directive in your Apache configuration for each virtual host by adding this line:
<VirtualHost x.x.x.x:80>
    ServerName www.example.com
    DocumentRoot /path/to/your/virtualroot
    ...
    ... usual stuff ...
    ...
    php_admin_value open_basedir /path/to/your/virtualroot:/some/other/path
</VirtualHost>
This will restrict all your PHP processes to access only this (or specified) path on your filesystem. Opening files elsewhere will be prohibited, even with chdir() or symbolic links.
You can also provide this directive at runtime using ini_set() as of PHP 5.3.0, but it is better to apply it directly in the vhosts.conf files.
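An added example, not part of the original answer: a Python check that reads vhost definitions and reports sites whose open_basedir is missing, set with php_value (which a site's own .htaccess can override where AllowOverride permits, unlike php_admin_value), or wide enough to include another site's DocumentRoot. The sample config, hostnames, paths and function names are constructed for illustration.

```python
import re
from pathlib import PurePosixPath
# Constructed sample config for illustration (hostnames and paths are made up).
SAMPLE_CONF = """
<VirtualHost *:80>
  ServerName a.example.com
  DocumentRoot /srv/www/a
  php_admin_value open_basedir /srv/www/a:/tmp/a
</VirtualHost>
<VirtualHost *:80>
  ServerName b.example.com
  DocumentRoot /srv/www/b
  php_value open_basedir /srv/www
</VirtualHost>
<VirtualHost *:80>
  ServerName c.example.com
  DocumentRoot /srv/www/c
</VirtualHost>
"""
FIELDS = {"name": "ServerName", "root": "DocumentRoot",
          "admin": r"php_admin_value\s+open_basedir",
          "soft": r"php_value\s+open_basedir"}

def directive(body, pattern):
    """First value of a directive inside one vhost body, or None."""
    m = re.search(r"^\s*" + pattern + r"\s+(\S+)", body, re.M | re.I)
    return m.group(1).strip('"') if m else None

def covers(base, path):
    """True if path is base or below it, compared per path component."""
    base, path = PurePosixPath(base), PurePosixPath(path or "")
    return base == path or base in path.parents

def audit(conf):
    """Map each ServerName to a list of open_basedir isolation findings."""
    bodies = re.findall(r"<VirtualHost\b[^>]*>(.*?)</VirtualHost>", conf, re.S | re.I)
    vhosts = [{k: directive(b, p) for k, p in FIELDS.items()} for b in bodies]
    findings = {}
    for v in vhosts:
        allowed = [p for p in (v["admin"] or v["soft"] or "").split(":") if p]
        issues = []
        if not allowed:
            issues.append("no open_basedir")
        elif not v["admin"]:  # php_value can be overridden from .htaccess
            issues.append("set with php_value, not php_admin_value")
        issues += [f"reaches {o['name']}" for o in vhosts
                   if o is not v and any(covers(p, o["root"]) for p in allowed)]
        findings[v["name"]] = issues
    return findings
```

Calling `audit(SAMPLE_CONF)` returns an empty list for the first site, the php_value and cross-site findings for the second, and "no open_basedir" for the third.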
Check out ITK MPM for Apache 2.x: http://mpm-itk.sesse.net/
I've been using it on several loaded sites for a couple of years now without any problem.
For maximum isolation, consider lightweight virtualization (OpenVZ on Linux, FreeBSD jails, or similar). It is similar to ordinary virtual machines, but it splits the core and therefore does not incur the overhead of full virtualization. Lightweight virtual machines can also share disk space in a shared mode, instead of using a separate disk image each, and can use single copies of the same files. The downside is that lightweight virtual machines always run the same kernel, i.e. you cannot run one OS on another, which doesn't seem to be a problem for you.