Web hosting security

When possible, your production sites running ProcessWire (or any CMS) should ideally be in a dedicated environment. This doesn't necessarily mean a dedicated server…

Rather, it means any environment where the file system is dedicated only to your website(s). Meaning, there aren't other users on the same server that can potentially see (or worse, modify) the files of your account(s) on the same server.

This dedicated environment could be a dedicated server, VPS, cloud server, or even shared hosting where accounts are completely jailed from one another. If in doubt, inquire with your web host about whether or not your environment is dedicated and/or completely jailed from other people. Typically, the budget hosting accounts are not dedicated environments, so be careful and choose wisely.

When in a dedicated environment, you have less to consider in terms of file security, and this is one of the main reasons why we recommend it. File permissions are not as great of a concern because there is not the possibility of other users on the same server getting into your files, regardless of your file permission settings. That doesn't mean that you can disregard file permissions as a security matter, but a dedicated environment does greatly reduce the odds of having uninvited guests shopping around in your files.

Latest news

  • ProcessWire Weekly #549
    In the 549th issue of ProcessWire Weekly we’re going to check out the latest core updates, highlight one older yet still very relevant third party module, and more. Read on!
    Weekly.pw / 17 November 2024
  • Custom Fields Module
    This week we look at a new ProFields module named Custom Fields. This module provides a way to rapidly build out ProcessWire fields that contain any number of subfields/properties within them.
    Blog / 30 August 2024
  • Subscribe to weekly ProcessWire news

“We were really happy to build our new portfolio website on ProcessWire! We wanted something that gave us plenty of control on the back-end, without any bloat on the front end - just a nice, easy to access API for all our content that left us free to design and build however we liked.” —Castus, web design agency in Sheffield, UK