I am helping to design several contests for webmasters.
Many of the contests will be much more easy and convenient, if I can give temporary cPanel access to people. What are the risks of giving cPanel access to a total stranger on "standard" shared hosting?

I'm not asking "will they steal my files?" The question is more about the danger of hackers busting in to other users accounts on the shared host, and / or people running "bots" and other programs which send spam, or spike the server load.

(Just for example) If I set up ~20 new cPanel accounts, and make it pretty easy for people to enter the contests, then (in your opinion) are the chances "very high" that a spammer or hacker will cause trouble. :shame:

Thank you :beer:

yes, they can.
once they uploaded a shell script and if ur server is not that secured,
then u will have to say bye bye to ur server.

Even if they paid you, there is the chance they will hack the servers, or install bots. You just have to secure your server as much as you can, and don't just give hosting to anyone.

yes, they can.
once they uploaded a shell script and if ur server is not that secured,
then u will have to say bye bye to ur server.


Even if they paid you, there is the chance they will hack the servers, or install bots. You just have to secure your server as much as you can, and don't just give hosting to anyone.
Good advice, thanks.

For the shell script they would obviously need root or ssh access, is this correct?

Not always. PHP shell_exec for example, can be ran by the user in the browser.
If you follow the security protocol properly, or even get a professional to do it for you, you'll be safe. Hopefully.

http://uk3.php.net/manual/en/function.shell-exec.php

Oh So free webhosting are not safe?

honestly, even the cronjob can do the work if a person wan to hack the server
:)

Oh So free webhosting are not safe?
Of course it is not. Anybody can sign up and get access to your server while abusing it. Maybe some hosting provider are successful with it but I don't see the viability of doing it (providing free hosting).

You have to remember that nothing is completely secure and that there are always gonna be hackers around the Internet looking to destroy others' things.

What are the risks of giving cPanel access to a total stranger on "standard" shared hosting?
I wouldn't do it for anyone. A couple have asked for it when I have bought a site from them, but I just tell them to zip the files and email it to me.

Free Hosting can be safe to give away. Its just that you have to know how to properly secure your server. shell_exec is very easy to disable if you know what you are doing.

Oh So free webhosting are not safe?

yh .. its not safe and also now hosting is very cheap pay little amount and keep your site in the safe place

Its not safe ask them to give you the files as jan said in a .zip file and just unzip them use filezilla or another ftp program to easaly transfer the files.

Ah , Anyone know how to prevent from those stuff from happening

Secure and monitor your servers.

All I have to add to this is ........ BACKUPS

Free or even paid hosting will never be safe. My paid hosting has had hack attempts just as much as my free. All you can do is secure your server properly and maintain good backups. Because no matter how secure you are, there will always be a hole somewhere.

All I have to add to this is ........ BACKUPS

Free or even paid hosting will never be safe. My paid hosting has had hack attempts just as much as my free. All you can do is secure your server properly and maintain good backups. Because no matter how secure you are, there will always be a hole somewhere.

IMO if you go for managed server hosting package you are more safe and dont have to worry for you server security.

If I do ever give out cpanel access for my sites to anyone then it is ONLY ever to people I know for certain I can trust, you can always create a cpanel account with only minimum features for the purposes of the contests, such as with php, mysql etc only and while the contests are running turn of certain features on your server.

Personally I wouldn't risk it.