Since we provide WordPress maintenance services, we’re faced with the opportunity to analyze different web hosting configurations in order to assist our clients in their technological decisions.
Website cross contamination is certainly one of the most neglected elements. The reason is simple: many website owners have never heard of it!
What is website cross contamination?
Website cross contamination consists of an up-to-date, non-vulnerable website being infected by another site which contains a vulnerability and has been infected in the same hosting account. When a hacked and vulnerable site is used as a tool to infect an up to date and unproblematic site, this is called cross contamination.
Let’s say you have to prepare raw chicken and vegetables. If you start by cutting the raw chicken on your cutting board, you know you’ll have to wash the board before cutting your vegetables on the same board. Otherwise, you may contaminate your vegetables with salmonella. Even though there’s nothing wrong with your vegetables in the first place. But having cut raw chicken beforehand is a risk and may cause your vegetables to be contaminated.
How does a website cross contamination occur?
Cross contamination may happen by simply hosting two (2) websites in the same hosting account, where the same access is shared by both sites.
A common scenario in our day to day lives is when the same hosting account hosts both production site and its development version. In the beginning, both sites are up to date and this doesn’t cause any issues. Then, as time goes by, updates are done only on the production environment. The staging site stopped evolving and security updates are no longer performed. Then one fall morning… BAM! A pirate attacks the development version and uses it to mess up the production site.
The image above shows a classic example of a “dev” directory that should not be there.
Damage is nowadays more and more subtle when a site is hacked. Gone are the days when hackers would just visually deface a website. Now, a hacked account is used to insert content discreetly or, more often than not, to send SPAM.
Many web hosts allow a single account to manage multiple websites. While it is tempting to save money by doing so, this is not without risk and should be avoided at all costs.
One website, one account.