Security in a Hosted Environment

Windows NT-based Web servers are crawling with opportunities for malicious intruders. Microsoft's programming philosophy for NT is to make the OS's powerful capabilities easy to access. This philosophy is dangerous for a Web server, especially in a shared-hosting environment.

Consider the capabilities of NT application servers such as ASP and Allaire's ColdFusion. You use these applications to write code templates that invoke services on a system in the form of components. These services usually require a higher-privileged user level than the application, but if the application has unrestricted access to powerful components, such as the ASP FileSystemObject, intruders can use the application to wreak havoc on programs and data.

The Windows NT Magazine UPDATE email newsletter recently documented security holes in the standard installations of ColdFusion and Microsoft Internet Information Server (IIS--for details about IIS's security flaws, see Windows NT Magazine Security UPDATE, May 19, 1999). An administrator can easily plug these holes, but their existence supports the idea that accessibility is a trade-off with security.

Ease of use is an advantage of Windows systems, and reducing Windows' usability to UNIX's level to gain security doesn't make sense. However, NT security concerns lead some Web-hosting services to restrict your access to features. For example, some services let you use a secure Web page to create and modify ODBC Data Source Names (DSNs), and some services even let you create usernames and passwords and assign user rights to directories. But NT-hosting services often require you to make a customer service request to make such changes.

What can you do to improve security? You can test your code on a nonproduction server, being especially careful with native components. In addition, upgrading your site to run on a dedicated server greatly improves your server's security and stability.