All about malware and shared hosting

Malware infections have grown over the past few years. There are steps that can be taken to clean a site, and protect it from malware.

* Causes of malware
Generally speaking with in a shared hosting environment the most common cause of malware is out of date software with in the hosting account. For example, the most common is a theme or plugin with in a third party php script like wordpress which has security issues. The best way to ensure this doesn’t happen is use plugins that are from the wordpress admin section, so auto updates are available, and keeping them up to date. By default wordpress core will update automatically unless disabled – and it is a bad idea to turn off updates for wordpress. For themes, use a theme that will also auto update – otherwise you are left to manually update the theme for security issues.

* Why is there malware, and why can’t it automatically be blocked.
The common causes of malware being scripts, like php, make it especially hard to block. This is because PHP is a scripting language that runs under your account username. By that alone, php can make changes to files in your account. A security problem that allows changes to a file, uploading a file or other injections suddenly can compromise your site. There are some defenses on InterServer shared hosting such as Web Application firewalls, but these can not protect against all possible security issues.

* Scanning for malware
On InterServer shared hosting with in the cpanel control panel there is an option called virus scanner. This can detect known malware signatures.

* Automatic scanning of Malware
Running scripts on InterServer shared hosting do get scanned for malware but this does not cover all possible ways scripts can run.

* The problem with addon domains
Addon domains can be problematic when it comes to malware. A single username with many domains set up as addon domains could be compromised by another addon domain because there is no isolation between addon domains in the same account. PHP can edit any file with in your shared hosting account – that includes other addon domains

* Separate cpanel accounts / usernames
Separate cpanel accounts are isolated with CageFS on InterServer shared hosting accounts. This means username can see the files processes or other data from another account.