Yes, SSH users should be jailed, but only within the confines of your server’s virtual prison. SSH, which stands for Secure Shell, is a tool that gives users command-line access to a server. Those technical savvy web hosting users who like to manage their websites from the Linux or Unix command line may request SSH access from a server or VPS administrator.

From a security perspective, it is probably a better idea to not give SSH access to users at all. Once they are in SSH, they can execute commands and potentially compromise the server. Even if they are model citizens, a third party hacker could gain access to their accounts and do some damage.

Fortunately, using a technique called jailing, you can limit the actual damage that a hosting customer’s account could do in SSH. The first problem with a standard SSH account is that even a user with limited privileges on a Linux system will still be able to navigate to every corner of the server. That means vital directories like /etc, /usr, and others will be exposed, and although the user will not have the necessary permissions to modify them, attackers could use that knowledge to their advantage.

When you jail users, you limit them to their own home directories. For example, a user name lydia will not be able to navigate above /home/lydia, and she will only be able to modify files within certain directories.

Jailing SSH users may not solve all of your security issues, but it can certainly lessen the chances of your server being unnecessarily exposed.

The Benefits of Jailing SSH Users

Resellers can often provide a personalized touch to web hosting. Even with plenty of major web hosting companies competing against them, resellers stay in business by offering their web design and consulting clients web hosting from their own small businesses.

This makes reseller hosting an ideal choice for users who want the ability to offer paying customers hosting services without the responsibility involved in running a server or VPS. The web host still handles all of the heavy lifting in the background, while the reseller is free to add, manage, and delete hosting accounts within his or her own limited control panel space.

Offering reseller hosting options has never been easier, thanks to cPanel/WHM. Making use of a trimmed-down version of the WHM (WebHost Manager) interface, cPanel provides resellers with only the tools they need to give their customers a quality hosting experience, without all of the complexity of managing a VPS or full dedicated server.

With cPanel, resellers can control disk space quotas, monitor account usage, suspend accounts, view website statistics, create custom hosting plans, and much more. Moreover, server administrators can configure reseller accounts just the way they need them. They can limit reseller accounts to only adding and removing clients or choose from several other sets of privileges, including a more advanced set that gives the reseller options such as account and quota modification.

Becoming a reseller is an easy way to personalize your clients’ web hosting experience, provided you have the time to offer them support and friendly customer service. With cPanel, you can focus more on the customers and less on the technical aspects of hosting.

Using cPanel for Reseller Hosting

Most blogging web apps, such as WordPress, use databases to store their data. This means that while the words you type appear in HTML format when someone accesses the site, the information itself is actually stored in a database such as MySQL.

Because of this reality, backing up the files from your HTML documents directory will not save all of the blog posts you spent countless hours writing. In order to save them and protect them, you need to backup your MySQL database. There are a couple of ways to accomplish this, some easier than others.

The common method employed by shared hosting users is to use some type of web frontend for MySQL, such as phpMyAdmin. Simply follow these instructions:

1. Login using your MySQL username and password
2. On the lefthand side, you should see a list of your databases. Click the one you want to backup
3. Select the “export” tab at the top
4. Choose the format from the dropdown menu (SQL is the default and is usually sufficient)
5. Click “GO”

It should open up a save dialog in your web browser, allowing you to save it to your computer.

The above method is great if you want to manually backup your database and always save it to your own computer, but if you have a backup server and want the process to be automated, you will need to use another method. One of the tools that I have used for myself and for many of my clients is AutoMySQLBackup. It is free, open source, and fairly easy to use. Once it is configured, you setup a cron job for it and never have to worry about backing up manually again.

How to Backup Your Blog’s MySQL Database