unfortunately no host can afford to tell all their customers "your better off elsewhere". It would not be cost efficient at all to give a shared hosting customer their own server for the same price, they would lose money, I doubt the cost would even be remotely covered.
Both of hose solutions would put any host out of business very quickly. On Mon, Feb 11, 2013 at 10:37 AM, Andrew Scott <andr...@andyscott.id.au>wrote: > > Yeah I guess, but that is why there are log files so there is really no > excuse. But how cost efficient would it be to just move those people over > to their own server so they can effect themselves? > > And I would bet that it is these people who also turn off UAC on Windows > and get all types of infections and could very well be the ones ftping up > infected files to begin with. > > Russ, I hear you but then maybe they are better of else where if they can't > understand the implications. > > > -- > Regards, > Andrew Scott > WebSite: http://www.andyscott.id.au/ > Google+: http://plus.google.com/113032480415921517411 > > > On Mon, Feb 11, 2013 at 9:15 PM, Russ Michaels <r...@michaels.me.uk> > wrote: > > > > > Unfortunately Andrew things are never that simple. > > For every customer like yourself who wants this turned off, there will be > > 100 customers who want it turned on. > > > > Most people do not know about or care about the security side of hosting, > > and just want everything enabled which makes their life easier. > > So as soon as they hear the word "disabled", their initial response will > be > > things like. > > 1) Our previous host did not do this > > 2) Then we will have to look for another host > > > > Many hosts are i'm sure simply giving in to the demands of the majority > of > > their customers and providing them with the services they want even > though > > they are insecure. > > > > I regularly explain to customers/developers why cfexecute is disabled, by > > they do not have read/write access to the entire server, why > > createobject(java) is disabled by default, and in in general why things > > have to be locked down on a shared server. > > We do however stick to our main security policies, so our servers are > more > > secure than most, but this of course comes at a cost as many customers > > simply will not accept such restrictions and would rather go and find an > > insecure host instead. > > > > At the end of the day If you want security and control over your hosting > > environment the solution is simple, "DO NOT USE SHARED HOSTING". > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:354450 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm