By providing WordPress website maintenance services, we get to analyze many different web hosting configurations in order to assist our clients in their technological decisions.
Website cross-contamination is certainly one of the most neglected issues. The reason is simple: many website owners have never heard of it!
What is website cross contamination?
Website cross-contamination occurs when an up-to-date, non-vulnerable website is infected through another site in the same hosting account that contains a vulnerability and has itself been infected. In other words, a hacked, vulnerable site is used as a tool to infect an up-to-date, problem-free site.
Let's say you have chicken and vegetables to chop. If you start by cutting raw chicken on your cutting board, you know you have to wash the board before cutting your vegetables on it. Otherwise, you could contaminate your vegetables with salmonella, even though there was nothing wrong with them in the first place. Having cut raw chicken on the board beforehand is what creates the risk.
How does website cross-contamination occur?
Cross-contamination may happen by simply hosting two (2) websites in the same hosting account, where the same access is shared by both sites.
A common scenario in our day-to-day work is a single hosting account that hosts both the production site and its development version. In the beginning, both sites are up to date and this does not cause any problems. Then, as time goes by, updates are done only on the production environment. The staging site stops evolving and security updates are no longer applied to it. Then one balmy autumn morning… BAM! A hacker attacks the development version and uses it to mess up the production site.
The image above shows a classic example of a “dev” directory that should not be there.
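The following added example (not part of the original article) is one way to check a hosting account for the situation described above: several WordPress copies under one account, a copy nested inside another site such as a "dev" directory, and a copy that has fallen behind on core updates. It reads the $wp_version line from wp-includes/version.php; the function names, the sample directory layout and the version numbers are constructed for illustration.

```python
import os
import re

VERSION_RE = re.compile(r"\$wp_version\s*=\s*'([^']+)'")
CORE_DIRS = {"wp-admin", "wp-includes", "wp-content"}

def find_wordpress_installs(account_root):
    """Map every directory holding a WordPress core to its version string."""
    installs = {}
    for dirpath, dirnames, _files in os.walk(os.path.abspath(account_root)):
        version_file = os.path.join(dirpath, "wp-includes", "version.php")
        if not os.path.isfile(version_file):
            continue
        with open(version_file, encoding="utf-8", errors="replace") as fh:
            match = VERSION_RE.search(fh.read())
        installs[dirpath] = match.group(1) if match else "0"
        # Skip core folders, but keep walking: a forgotten copy may sit in a subfolder.
        dirnames[:] = [d for d in dirnames if d not in CORE_DIRS]
    return installs

def version_key(version):
    """Coarse numeric ordering, e.g. '5.8.1' -> (5, 8, 1)."""
    return tuple(int(part) for part in re.findall(r"\d+", version))

def audit_account(account_root):
    """Return (finding, path) tuples for conditions that allow cross-contamination."""
    root = os.path.abspath(account_root)
    installs = find_wordpress_installs(root)
    rel = lambda path: os.path.relpath(path, root)
    findings = []
    if len(installs) > 1:
        sites = ", ".join(rel(p) for p in sorted(installs))
        findings.append(("multiple-sites-one-account", sites))
    newest = max(installs.values(), key=version_key, default="0")
    for path, version in sorted(installs.items()):
        # A copy is nested when another install's directory is one of its ancestors.
        if any(p != path and os.path.commonpath([p, path]) == p for p in installs):
            findings.append(("copy-inside-another-site", rel(path)))
        if version_key(version) < version_key(newest):
            findings.append(("behind-on-updates", rel(path)))
    return findings

def build_sample_account(root):
    """Constructed layout: production in public_html, stale copy in public_html/dev."""
    for site, version in (("public_html", "6.4.3"), ("public_html/dev", "5.8.1")):
        includes = os.path.join(root, site, "wp-includes")
        os.makedirs(includes)
        with open(os.path.join(includes, "version.php"), "w", encoding="utf-8") as fh:
            fh.write("<?php\n$wp_version = '%s';\n" % version)
```

On a real account, call audit_account() with the account's home directory; any finding means the sites share the same access and should be separated or the leftover copy removed.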
The damage done when a site is hacked is more and more subtle. Gone are the days when hackers would just visibly deface a site. Now, a hacked account is used to insert content discreetly or, more often, to send spam.
Many web hosts allow a single account to manage multiple websites. While it is tempting to save money by doing so, this is not without risk and should be avoided at all costs.
One website, one account.