About security levels
When multiple sites are hosted on a single server, sharing system resources, there is a high possibility of sabotage or inadvertent activity that may compromise the integrity of data. You can check misuse or malevolent activity by setting appropriate security features for each site when you create the site.
Depending on the security level chosen, certain services for the site run in protected mode within the site’s file system, technically referred to as a chrooted environment. This prohibits the resources of the secured site from unauthorized access; also, the Site Administrator and users of the secured site can not access data or resources pertaining to other sites on the Web server.
WEBppliance offers three security levels:
High security
3.1 compatibility
Low security
High security runs certain services, that are vulnerable to security breaches, inside the restrictive environment of the site's file system, using a mechanism called as chroot.
The services that are secured are:
CGI scripts
Telnet/Secure Shell
mod_perl/mod_php
CGI scripts can present security loopholes in two ways:
They can unwittingly reveal information about the host system thus enabling hackers to break into the system
When the scripts process remote user input, such as the contents of a form, they become vulnerable to remote exploits that subvert the scripts to run potentially destructive commands
High security uses the chroot mechanism to place cgi scripts inside a restrictive part of the site's file system.
Important: High security could pose problems if the CGI scripts for a site source required libraries or configuration files from outside the site’s file system, in which case, the necessary files will have to be copied across to the chrooted environment in which the CGI scripts reside. For example, if a CGI script uses Perl, then all the Perl libraries and configuration files must be copied into the chrooted CGI directory.
Remote login services like Telnet or SSH allow users to interact with remote computers on the Internet. They can expose your system to denial-of-service attacks and enable hackers to run subversive code.
High security jails remote user logins (administrator and users of the site) to the restrictive environment of their home directories. When the administrator or user of a site logs in, access is locked to the respective home directory, preventing view or access to any system wide resources from the site’s operating environment; further, the site’s resources are inaccessible to users outside the directory.
mod_perl and mod_php are modules that allow users to run scripts on the Web server, thus exposing your Web server to potential exploits.
High security disables the mod_perl and mod_php services for a site, so that users cannot run scripts using these modules on the site.
Important: High security disables mod_perl and mod_php services for a site, even if they are installed for the site. If these applications are critical to a site, then you must opt for low security.
3.1 compatibility offers a loosely knit security environment wherein remote login services are secured, but CGI scripts run in a vulnerable environment.
The following services are secured.
CGI scripts are not jailed into the site's file system. This compromises security but eliminates file sharing constraints posed by secured CGI scripts.
Telnet and SSH services are secured as in high security. Remote user logins (administrator and users of the site) are locked into the protective environment of the site's file system.
mod_perl and mod_php services are enabled for the site, allowing users to run these scripts on the site.
Low security enables all files residing on the WEBppliance server to be shared or accessed (depending on file access privileges) by the administrator of the site, but users are always restricted to their home directory within the site.
The site is also enabled to run mod_perl and mod_php scripts.
None of the following services are secured for the site.
While CGI scripts reside within the site's file system, the administrator of the site can access or share system wide resources outside the CGI-BIN directory.
With low security, administrators can use the Telnet or SSH remote login service to traverse the file hierarchy outside the site's home directory. Users, however, are jailed to their home directory within the site.
mod_perl and mod_php services are enabled for the site.