Website Security and Permissions

Every website at Shanje is hosted securely from other sites hosted at Shanje. Even two websites located in the same hosting account are securely protected from each other. There are several things we do at Shanje to provide this level of security.

Each website runs as a separate application pool within IIS. This does use more memory on our end, but it provides the absolute best protection possible. Scripts in a given website run within the application pool for that website. To save memory, a lot of other hosts try to make all of the websites share an application pool. When websites share an application pool, those websites could possibly interact with each other (modifying files, deadlocking, crashing, etc). By placing each website in its own dedicated application pool, Shanje provides better security than other hosts.

Another advantage of running each website in its own dedicated application pool is that the crash or deadlock of one site does not affect any other sites. If one webmaster writes terrible code and causes the ASP or ASP.NET engine to deadlock in his site, other sites are not affected by his mistake. At hosts that force sites to share an application pool, a deadlock or crash in one site will usually cause the same problem for other sites.

Each website runs as its own Windows User. Every page and every script within a given website are processed as the Windows User for that website. Each website's User has limited access to files and folders on the server side. Each website's User can read and write to files within its own folder structure, but cannot access the files and folders owned by other websites. This means websites cannot alter each others files and folders.

By default, each website at Shanje has full read and write access to its own folder. The only exception is if you enable the FrontPage Server Extensions on a website. If the FrontPage Server Extensions are enabled, then the website's folder permissions are set to read only. If you have scripts that need to write to files in the site, then you should leave the FrontPage Server Extensions disabled. That way the website will be able to both read and write to its folder.