Why do I need to isolate my domains?
To start, cPanel is best known for letting you manage your domain settings in one place, but you can also host multiple domains on a single account if opening a second account is cost prohibitive. This presumes your hosting package allows additional Addon Domains. Isolating your domains is key to maintaining account security: it keeps your apps secure not only from the public, but also from other apps on the account.
Addon Domains
An Addon Domain differs from a Parked Domain (or Alias) in that it allows you to have a website root folder separate from that of your account's primary domain. If you add a domain as an Alias, it will mirror the content of your primary domain instead of displaying its own content. This is useful if a particular domain doesn't have its *own* website, but you want to manage the settings for the domain for other things like email.
Folder Placement
To logically separate your web properties, I find this method to be the most efficient. The idea is that your main domain has content exclusively in the public_html folder. This means that when you add an Addon Domain, you must place its root above public_html (outside it), so that the Addon Domain cannot be reached through the Primary domain by simply typing the Addon root folder name after the primary domain.
On the filesystem, the directories would look like:
/home/user/public_html <- Primary domain
/home/user/addon1.com <- Addon domain
/home/user/addon2.com <- Addon domain
In cPanel > Addon Domains, this would be represented as /public_html (simply remove the /home/user part) as the site root path.
Securing PHP access
After you've established logical folder separation for your websites, one site's folder can no longer be reached through another's, which closes a vulnerability that would otherwise let a user discover other apps or sites on your account via the primary site. The next step is to ensure that apps with filesystem access cannot extend their access into unauthorized directories (or directories that contain paths for other apps). This can be done using the open_basedir PHP setting.
The setting takes a list of absolute paths, separated by a colon (:), for the directories that PHP (and MySQL) can access. You generally want to avoid using the dot (.) to allow the current directory (as defined by getcwd()), as this can be changed at run-time with the chdir() function. You also want to place a forward slash (/) at the end of each directory entry, so that an entry does not act as a wildcard that includes multiple directories.
An example of a fully configured open_basedir setting would be similar to:
open_basedir = "/home/user/addon1.com/:/tmp/"
If PHP needs access to specific .so modules (PHP extensions), you can find the path to the extension_dir with a phpinfo() page. On my system, the extension_dir is:
/usr/local/lib/php/extensions/no-debug-non-zts-20131226
I've taken out the .: from the beginning, as shown below; as I stated before, we want absolute paths only. The final form of the setting, with each entry ending in a forward slash, would be:
open_basedir="/home/user/addon1.com/:/tmp/:/usr/local/lib/php/extensions/no-debug-non-zts-20131226/"
You’ll need to tailor this to each app on each domain. It’s recommended that apps do not share filesystem access unless absolutely necessary. It’s more secure to have the app interact with another app via an API if it must.
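One way to check each site's open_basedir value against the rules above before applying it, as an added example that is not part of the original article. The function name, the sample values and the other site roots are constructed for illustration, and the overlap check conservatively treats every entry as a plain string prefix.

```python
# Added example: lint one site's open_basedir value against the rules above.
# lint_open_basedir and all sample values are constructed for illustration.

def lint_open_basedir(value, other_site_roots=()):
    """Return a list of (entry, problem) tuples for one open_basedir value."""
    problems = []
    for entry in value.strip().strip('"').split(":"):
        if entry == "":
            problems.append((entry, "empty entry"))
            continue
        if not entry.startswith("/"):
            # Covers "." as well: it follows getcwd(), which chdir() can change.
            problems.append((entry, "not an absolute path"))
            continue
        if not entry.endswith("/"):
            problems.append((entry, "missing trailing slash"))
        # Assumption: model the entry as a string prefix, so "/home/user/addon"
        # is reported as also covering "/home/user/addon2.com/".
        for root in other_site_roots:
            root = root.rstrip("/") + "/"
            if root.startswith(entry):
                problems.append((entry, "covers other site root " + root))
    return problems

# Constructed sample: roots of the sites that addon1.com must NOT reach.
OTHER_ROOTS = ["/home/user/public_html", "/home/user/addon2.com"]
GOOD = "/home/user/addon1.com/:/tmp/"
BAD = ".:/home/user/addon:/home/user/"

if __name__ == "__main__":
    for label, value in (("GOOD", GOOD), ("BAD", BAD)):
        found = lint_open_basedir(value, OTHER_ROOTS)
        print(label, value, "->", "ok" if not found else "")
        for entry, problem in found:
            print("   %r: %s" % (entry, problem))
```

Run it once per app, passing the roots of every other site on the account as other_site_roots.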