1 server user per domain ? Why is it recommended to create a user for each domain that you host ?

hello,

When hosting different domains on a dreamhost account, it is recommended to create a new "user" for each domain that you host.

Can you explain why it is recommended ?

I see a benefit hosting all domains under the same user"
when connecting to FTP, only 1 connection will allow me to work on all my domain files.

But if I have 1 FTP user per domain it means that I will have to connect to each user to be able to edit all my websites.


Can you tell me what are the reasons to recommend to create 1 new server user for each domain hosted on the same dreamhost account / server ?

Thank you.

 

To not allow for what you want, basically, because it's horrible, security wise. If anyone gets a hold of that one account, due to hacks, carelessness, or whatever, s/he will have access to ALL the sites hosted on the account, and will be able to freely change between them, destroy them, delete them, deface them etc.
If you create separate accounts, s/he will have access to the compromised site, but none of the others (will of course mean you will need to create proper passwords and such as well, but that should always be the case, of course).

Multiple hosts on same account should be avoided - especially if you want to give others access. If these are all your own sites, hosted on your account, sure, one single sign-on can be useful, but it's still a security risk. Same as you don't use a root-user to login to the server via SSH - you use a regular account, and then up it via SU or SUDO.

 

Thank you so much !

Can I know why"you don't use a root-user to login to the server via SSH - you use a regular account, and then up it via SU or SUDO." ?

Do you mean that we should not create root-users ?

What is the difference if someone login to SSH with regular and then up it via SUDO ? Isn't it the same at the end ?

Thank you again for your teaching !

 

No, you do not give regular accounts root, and you limit which accounts belong in SUDO.

There isn't really a difference (well, there is, but lets pretend there isn't for the sake of argument) between logging in with a priviliged account, and SUDOing a limited account, but the point is that if someone gets ahold of the limited account, they have... a limited account. Unless they ALSO get ahold of the SUDOer password (which does not have to be the same password), then they won't get very far. Which is also the reason why you do not give out root-access to ANYONE besides yourself - hierarchial user-setups, with the root user on top, and all the others below, is the sane way to go. Same goes for group-access - make sure you give users access to only the things they need - set up separate log-files for each domain / account, so they can access their own error-logs, make sure they have limited access to the file-system (preferably only their own folder-instance for uploading / managing the website-files) and so on.

 

You can't imagine how many customers we have that have dozens of websites/domains under the same cPanel.
The last time one of this customer contact us he was in panic cause one of his websites, that didn't had the plugins updated, was compromised, and also ALL the other websites he had under the same cPanel account. Lesson learned. After he spend 3 hours "cleaning" and updating everything he's account was on hold making him loose thousand of visitors. Next day he bought a multi-domain (reseller) account for this didn't happen again