Since we offer a WordPress website maintenance service, we are often called upon to examine different web hosting configurations in order to help our clients with their technology decisions.
One of the most neglected aspects surely has to be the cross contamination of websites. The reason is simple: none of the website owners have ever heard of it!
What is website cross contamination?
Cross contamination occurs when a healthy website presenting no vulnerabilities whatsoever becomes infected simply because it's hosted in the same account as another website which is vulnerable and has been infected. When a vulnerable website is infected and becomes a tool to infect a perfectly healthy website, we have cross contamination.
An easy-to-understand example is the chopping board in your kitchen. Say you need to prepare chicken and vegetables. If you start by cutting raw chicken on the chopping board, you know you'll need to wash the board before chopping your vegetables on that same board. Otherwise, you risk contaminating your vegetables. Yet those vegetables didn't present any risk by themselves; it is the raw chicken cut right before them that carried the risk.
How does a website cross contamination occur?
Simply put, the mere hosting of two (2) websites on the same web hosting account, where access credentials are shared by both sites, can lead to cross contamination.
In our daily work, a scenario which we encounter often is the one where the same web hosting account is used to host both the live version of a site and a development copy. At the outset, both sites are up-to-date and there are no problems. But then, as time goes by, updates are only applied to the live site. The development copy is not kept in sync and updates are scarce or forgotten. Then, one fine morning… BAM! An attacker takes control of the development site and uses it to damage the live site.
The image above shows a classic example of a “dev” directory which simply shouldn’t be there.
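One way to look for this situation on your own hosting account, as an added example that is not part of the original article: the Python script below walks an account's directory tree, finds every WordPress copy by its wp-includes/version.php file, and lists the copies that lag behind the newest one. The public_html and dev directory names and the version numbers are constructed sample data.

```python
import re
import tempfile
from pathlib import Path

# WordPress records its release in wp-includes/version.php as: $wp_version = '6.4.2';
VERSION_RE = re.compile(r"\$wp_version\s*=\s*'([^']+)'")

def version_key(version):
    """Turn '6.4.2' into (6, 4, 2) so versions compare numerically."""
    return tuple(int(p) for p in re.findall(r"\d+", version))

def find_installs(account_root):
    """Return {install_dir: version} for every WordPress copy under the account."""
    installs = {}
    for vfile in Path(account_root).rglob("wp-includes/version.php"):
        m = VERSION_RE.search(vfile.read_text(errors="replace"))
        if m:
            installs[vfile.parent.parent] = m.group(1)
    return installs

def audit(account_root):
    """List installs that share the account and lag behind the newest copy."""
    installs = find_installs(account_root)
    if len(installs) < 2:
        return []  # a single site in the account: no neighbour to contaminate
    newest = max(installs.values(), key=version_key)
    return sorted(
        (str(path.relative_to(account_root)), ver)
        for path, ver in installs.items()
        if version_key(ver) < version_key(newest)
    )

def build_sample_account(root):
    """Constructed layout: live site in public_html, forgotten copy in public_html/dev."""
    for rel, ver in (("public_html", "6.4.2"), ("public_html/dev", "5.8.1")):
        inc = Path(root, rel, "wp-includes")
        inc.mkdir(parents=True)
        (inc / "version.php").write_text(f"<?php\n$wp_version = '{ver}';\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_account(tmp)
        print(f"{len(find_installs(tmp))} WordPress installs share this account")
        for path, ver in audit(tmp):
            print(f"stale WordPress {ver} in {path}/ sits beside a newer install")
```

An empty result from audit() only means no copy is behind on core updates; find_installs() still shows how many sites share the account.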
Damage to hacked websites is now far more subtle. Gone are the days of defacing a site. Nowadays, hacked websites are used to discreetly insert content or, more often than not, to create and send spam.
Many web hosting providers will allow a single account to contain multiple websites. Even though this seems an enticing way to save costs, this practice isn't without risks and is definitely not recommended.
One website, one account.