Solved

Is CPanel Hosting secure and recommend good PHP security books

Posted on 2016-09-11
4
44 Views
Last Modified: 2016-09-13
I heard that shared hosting isn't secure. Is CPanel Hosting secure?

Also can you recommend some good PHP security books?
0
Comment
Question by:burnedfaceless
4 Comments
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
Comment Utility
it depends on how you define "secure", hehe. what kind of data is to be kept and accessed on the PHP based hosting site?
0
 
LVL 108

Accepted Solution

by:
Ray Paseur earned 250 total points
Comment Utility
Information technology security is a full time four year college major.  You cannot get a "whole-cloth" answer to a question about security from this forum or any other.  But we can point you in the right direction of the learning opportunities, and hopefully some of these will save you at least a part of the four-year education.  And besides, the threats morph at an amazing speed.  By the time a Freshman becomes a Senior, the threats learned in the first year have been replaced by newer threats!

PHP has a security section on its web site.   This is updated regularly, as the evolving threats change their attacks and vectors.  But look at the age of the user-contributed notes!
http://php.net/manual/en/security.php

There are many authors who write about security, and maintain blogs, twitter accounts, etc.  Chris Shiflett was one of the good ones from a decade ago.  So was Terry Chay.  With a bit of Googling, you can find others who are more current, but these two guys have covered many of the issues.  Many of the old "holes" have been plugged in the current frameworks like Laravel.
http://shiflett.org/blog/2005/feb/my-top-two-php-security-practices
http://terrychay.com/article/php-advent-security-filter-input-escape-output.shtml

You might want to join OWASP, too.
https://www.owasp.org/index.php/Main_Page

The most essential underlying principle is "accept only known good values."  When a request comes to your site, where did it come from?  USA?  France?  Pakistan?  Russia?  If you only sell French cheese for distribution in France, what good are those other requests?  If your site has three cheeses, and they are numbered 1,2,3 would you process any request for anything other than 1 or 2 or 3?  It's this kind of "filter and sanitize" thinking that makes for better security.  But it's complicated, and as applications grow, there are more chances to introduce "holes" into your sites.  For some discussion on these topics, please see this article and scan the text for "An Afterword" where you will find some of my writing, but more importantly, a coda full of comments and ideas from other members of E-E.  The comment thread at the end of the article is pretty good!
0
 
LVL 29

Assisted Solution

by:Olaf Doschke
Olaf Doschke earned 250 total points
Comment Utility
CPanel is just a hosting space administration frontend.

Your question is like asking if phpMyAdmin is secure for hosting MySQL and even that comparison isn't good, since PHP is just a side topic to CPanel, CPanel is about managing your hosting space. It wouldn't be used ever so often, if it was unsecure. What always holds true is, your usage of it may be secure or unsecure, as your usage of an OS could be.

Make yourself familiar with CPanel and its functionality: https://en.wikipedia.org/wiki/CPanel

Bye, Olaf.
0
 

Author Closing Comment

by:burnedfaceless
Comment Utility
Thanks, added bookmarks and I will join OWASP.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now