Managing Security on Shared Hosting
Many users of shared hosting accounts have several domain names and sites. These sites should all be given separate access privileges. Managing this type of security is similar to managing other security concerns.
Usernames and passwords are the first line of security. You'll want to create separate usernames and passwords for everyone who uses your site, whether it be for designing and uploading pages or for downloading information collected at the site. Making certain that everyone has their own username and password allows the site administrator to more accurately track the activities of users.
Passwords for any web server should follow some basic conventions. Remember, these servers are, by definition, out on the web which means that security is paramount. Dictionary words should never be used as passwords. Your password should never be related to your username. Make sure your webhosting password is not a recycled password from a different account. It should exist solely for the server. Your password itself should contain at least one number, a capital letter and one special symbol, provided the server allows this. You should insist on the same conventions for any other site user.
Permissions define how much a user is allowed to do on the site. Make sure to keep your permissions tight. A web designer, for instance, has no reason to have access to the billing information. Your web interface should give you a list of options as to what permissions apply to any given user.
