How To Prevent Cross-Site Contamination
While the mere thought of cross-site contamination can strike fear into the hearts of website owners, it’s an issue that is largely avoidable. Read on to find what actions you can take to reduce the risk of cross-site contamination affecting your website.
What is cross-site contamination and what causes it?
Cross-site contamination is when a site is affected by other sites on the same server, often caused by poor isolations on the account or weak server configurations. A single insecurity on one website has the potential to put an entire network in danger.
The biggest contributors to cross-site contamination are environments that host hundreds of different sites or platforms that have multiple installations and configurations. Sites undergoing development and production phases are also particularly vulnerable to contamination.
How to ensure components are kept separate
+ Do not mix server functions; use each environment for what it is intended for. For example, don’t use an email server as a web server.
+ Do not mix technologies if you’re able to, as the differences in platforms can cause clashes.
+ Do not mix different stages for different sites, whether it be development, testing or production.
+ Create specific users for each site and ensure permissions are set so that users cannot move between others on the same account. You will find that most attacks come from those that are moving between users within the same account, rather than those that are moving between accounts.
Does cross-site contamination affect firewalls?
Yes. This can occur as a result of both internal and external attacks, which may need to be investigated.
+ Internal attacks are where the attacker is able to abuse internal weaknesses within the site and engage in corruptive acts by moving throughout it.
+ External attacks are where the attacker is able to abuse weaknesses remotely to gain access to the site and then engage in corruptive acts.
Sites can be affected multiple times despite there being firewall protection; if you find you are being affected again and again, it is worth looking at the environment as a whole. Misconfigured websites, forgotten websites or websites that have not been secured are known to be major contributors to reinfection.
If you have any fears as to whether these issues may affect you as a website owner, speak to your developer. Ask them if they manage other sites on your account and if so, how they can ensure that your site is isolated from sites within the same server.
How do you prevent cross-site contamination?
Isolation is key. Ensure all components and accounts are isolated to substantially reduce the chance of your site becoming a victim of cross-site contamination. Furthermore, you should prioritise sites; for example, if you have one site that is used more than others, ensure it is isolated and remember to isolate all accounts linked to this site.
These are just a few cost-effective solutions to minimise the threat of cross-site contamination. If you take the aforementioned precautions, you should greatly reduce the chance of your site being affected in future.