gem version

Using Passenger when providing shared-hosting

Relevant selection for this article:


There are special considerations that must be made when designing a multi-tenant shared hosting system.

This guide assumes that you are already familiar with installing and using Passenger. And serves as a prompt to consider issues particular to shared hosting.

The information in this section applies equally to the open source version and to the Enterprise version.

Table of contents

  • Loading...

Conceptual overview

The main concerns to consider when setting up a shared hosting environment are as follows:

  1. Which configuration options allow customers to elevate privileges.
  2. Which configuration options will be provided to customers.

Step 1: Review the configuration options for Nginx:

Some options such as (but not limited to) passenger_user_switching allow a user to control what system user their app process runs as, and as such can be used to elevate privileges fairly trivially, or to interfere with other customers' processes. Therefore it is necessary to evaluate all of the configuration options provided by Passenger and whether they are safe to allow customers to control.

Step 2: Limit customer configuration to safe options:

We highly recommend whitelisting the configuration options that a user can set by not including any user controlled files/contents into your server's config.

light mode dark mode
Passenger 6 Passenger 6