CloudLinux – Shared Hosting made Stable
Lightweight Virtual Environment
If your company uses email, a dedicated IP eliminates any possibility that your mail IP is banned due to any action by other tenants. (Spamming is very tightly controlled and should not usually present an issue.)
- 75% of down-time & outages can be attributed to a single user
Shared hosting servers host multiple Web sites that use WordPress, Magento, Joomla, Drupal and other popular applications. These applications are composed of exactly the same files, yet the files would traditionally have to be loaded separately for each Web site, wasting both the server's I/O and memory. OptimumCache solves these problems by creating a cache of duplicate files so that they are loaded and cached once from the file system. In doing this, the system effectively eliminates disk I/O, significantly improving the speed of sites loading.
The memory saved can be utilised to cache more files or serve more Apache/LiteSpeed processes.
Customers have reported:-
- 30% Drop in System CPU Usage
- 52% Drop in I/O Wait
- 25% Drop in total CPU Usage
- 50% Drop in Disk Utilisation
- Up to 20% drop in latency for popular URLs
The symlink attack is an old favourite of hackers and is still very much prevalent.
It just takes a single unpatched/vulnerable script for a hacker to obtain access to a server.
The attack usually occurs after the hacker has been able to read the contents of the /etc/passwd file and has enumerated the server’s users.
(Without CageFS, all users have access to the /etc/passwd file, which contains the usernames of all customers. However, when CageFS is enabled, the virtual /etc/passwd file the customer has access to contains only their own account, so a compromised script cannot enumerate the server's other users.)
The attacker then runs a script which blindly builds symbolic links (a bit like shortcuts on Windows or Aliases on a Mac) to locations where configuration files for commonly used CMS might be kept in each user’s home directory.
- WordPress config files are typically found at /home/<user>/public_html/wp-config.php
- Joomla config files are typically found at /home/<user>/public_html/configuration.php
- Magento config files are typically found at /home/<user>/public_html/app/etc/local.xml
It's a numbers game – in most cases the symbolic links created will point to nothing at all, but on a server with hundreds of users it is likely that a number of hits will occur if the permissions on these files allow the world to read the file, i.e. if the rightmost number that makes up the chmod permissions is anything greater than 1.
(Again, CageFS alone would stop this kind of attack, as the other customers' files would not exist on your user's filesystem to link to in the first place.)
Even if you do not run CageFS on CloudLinux (UnixGuru does), SecureLinks ignores, at the kernel level, any symbolic links where the start and end users do not match.
i.e. any links that user jbloggs creates to files belonging to jdoe would not work, as the start and end of the link are not the same user.
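
An audit a server administrator could run for the two conditions described above: CMS config files whose world-read bit is set, and symbolic links whose owner differs from the owner of the file they point to (the mismatch SecureLinks refuses to follow). This is an added example, not code from CloudLinux or UnixGuru; it assumes the /home/<user> layout listed above, and the function names are illustrative.

```python
import os
import stat

# Config locations named in the text above, relative to each user's home.
CMS_CONFIGS = (
    "public_html/wp-config.php",        # WordPress
    "public_html/configuration.php",    # Joomla
    "public_html/app/etc/local.xml",    # Magento
)


def world_readable_configs(home_root="/home"):
    """Return (path, octal mode) for each CMS config that 'other' can read."""
    findings = []
    for user in sorted(os.listdir(home_root)):
        for rel in CMS_CONFIGS:
            path = os.path.join(home_root, user, rel)
            try:
                st = os.lstat(path)     # lstat: never follow a planted link
            except OSError:
                continue                # missing or inaccessible: nothing to report
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_IROTH:
                findings.append((path, oct(stat.S_IMODE(st.st_mode))))
    return findings


def cross_owner_symlinks(home_root="/home"):
    """Return (link, target) for symlinks owned by someone other than the target's owner."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(home_root, followlinks=False):
        for name in dirnames + filenames:
            link = os.path.join(dirpath, name)
            try:
                link_st = os.lstat(link)
                if not stat.S_ISLNK(link_st.st_mode):
                    continue
                target_st = os.stat(link)   # follows the link to its target
            except OSError:
                continue                    # dangling link or unreadable target
            if link_st.st_uid != target_st.st_uid:
                findings.append((link, os.path.realpath(link)))
    return findings


if __name__ == "__main__":
    for path, mode in world_readable_configs():
        print(f"world-readable config: {path} (mode {mode})")
    for link, target in cross_owner_symlinks():
        print(f"cross-owner symlink: {link} -> {target}")
```

Run it as root so every home directory can be inspected; a config file it reports can be tightened by removing the "other" permissions, for example with mode 600 or 640.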
Why UnixGuru chose CloudLinux
CloudLinux customers experience:-
- 3 x fewer reboots than with ordinary RHEL/CentOS (made even fewer by KernelCare).
- 6 x fewer user suspensions
- 70% drop in support cases for our Helpdesk
- All major PHP versions and extensions supported.
Enhances our support model:-
- CloudLinux (Commercial OS with support)
- LiteSpeed (Commercial WebServer with support)
- DirectAdmin (Commercial control panel with support)