Re: General Security setting
There are the things we should/could do for the server in general, and then there are the things HC is doing. And what are they? Maybe it's time for HC to publish a security document showing what they do to isolate websites, users and so on from each other.
On Linux (where we have tested the most so far) we already asked several questions with no good reply. You did implement simple improvements like open_basedir for PHP protection (still without really understanding them, I see, since it's still not possible to add your own dirs where it's supposed to be able to write/read, maybe /tmp, so most CMSs still will not really work without manual intervention :| ), but if you allow Perl, maybe it's still very easy to hack a Linux HC server, not to mention all the more simple user mistakes that can bring down a Linux server: deleting the log dir, deleting the included httpd conf file in the user root.
A big issue for users with more sites is of course the shared FTP account, so a compromised FTP login can damage as much as possible, especially for websites that use FTP as a file access option (Joomla maybe more so).
Why is it possible/needed that the root folders of the server are world readable AND writable, making it easy to delete whole user and reseller folder structures if you have any kind of access to the server?
FTP users are all homed in the main root of the site; it's not possible to chroot them somewhere in a subfolder. You can of course set ACLs so they can only see what they are missing, but it's still not nice for sharing access as it shows the "goodies".
The list goes on.
Windows: we have not looked too much yet. Things I find strange: why are there so many users created that seem to have no use? There are users named [domain]_web, but why, what are they used for? The app pools all run with the same identity. Does this not mean that if you need write access, or any access to the folders, actually even to see websites, then you can actually just descend into all websites and read, and if you set write permissions for a site because you need to (and often with a CMS you need to, because they write images, templates, even web.config), then anyone from any other website on the same server can, if they can find your path, read/write anything again?
The sites are all created in full trust, I think. Why?
It's not convincing...
Why not publish some documentation showing why/what you do to keep sites and users apart, stable and running?
As I said, on Linux there are surprisingly many SIMPLE things a user can do to bring down a server, and the most simple ones are so simple and obvious that users keep doing them because they don't know better: simple mistakes. Log on by FTP, see a file they think is strange, think "I had better delete this file, I don't know what it is doing in my root folder", and bang, the server, the WHOLE server, is down. Nice HC...
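As an added example, not part of the original post or of HC's own tooling, here is one concrete check behind the world-writable root folder complaint above: a POSIX shell audit that lists directories under a hosting root which any local account (a neighbouring site's FTP or PHP user included) could create, rename or delete entries in. It assumes the hosting root is passed as the first argument; sticky directories such as /tmp are deliberately excluded because they only let users remove their own entries.

```shell
#!/bin/sh
# Added example: audit a hosting root for directories that are world-writable
# and NOT sticky. Such directories let any local user delete or rename
# whatever sits directly inside them, which is exactly how one account can
# wipe another user's or reseller's folder tree.

# Print each offending directory with its mode and owner, one per line.
find_world_writable() {
    root="$1"
    # -perm -0002   : the "other" write bit is set
    # ! -perm -1000 : the sticky bit is NOT set
    find "$root" -type d -perm -0002 ! -perm -1000 2>/dev/null |
    while IFS= read -r dir; do
        ls -ld "$dir"
    done
}

# Return only the number of offending directories, for a quick pass/fail check.
count_world_writable() {
    find "$1" -type d -perm -0002 ! -perm -1000 2>/dev/null | wc -l | tr -d ' '
}

# Exit non-zero when anything is found, so this can run unattended (e.g. cron)
# and alert before a "helpful" FTP user tidies up the wrong folder.
audit_root() {
    n=$(count_world_writable "$1")
    if [ "$n" -gt 0 ]; then
        echo "world-writable, non-sticky directories under $1:" >&2
        find_world_writable "$1" >&2
        return 1
    fi
    return 0
}
```

Run it as `audit_root /path/to/hosting/root`; a clean tree returns 0 and prints nothing.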