[Hosting] Hosting Feedback

So I have been trying the new hosting for a while, and as you are asking for feedback I thought I should provide it:

1) PHP:- Are we going to be able to add/remove PHP extensions via the control panel?
2) PHP:- Are we going to be able to control PHP settings via the control panel?
3) Nginx/Defender:- One of the "tweaks" for Defender is to turn off code execution, is this something we are going to be able to turn on/off/configure?
4)Bit of an issue:- because you have seperated the SSH/SFTP accounts, if I want to upload a file outside of the public_html directory (ie a zip file for uncompressing) I can upload it via the ftp account, but the ssh account cannot see the file (wrong permissions), we could do with another "shared" folder OR accounts that can be used on ssh and sftp.
5) PCI Compliance - will any of the hosting levels be PCI compliant for hosting woocommerce sites?

Kind regards

Mark

  • Adam Czajczyk
    • Support Gorilla

    Hi Mark

    I hope you're well today!

    1) PHP:- Are we going to be able to add/remove PHP extensions via the control panel?
    2) PHP:- Are we going to be able to control PHP settings via the control panel?

    No, it's not possible as it's a managed hosting with a configuration pre-defined.

    Nginx/Defender:- One of the "tweaks" for Defender is to turn off code execution, is this something we are going to be able to turn on/off/configure?

    That should already be turned on and "hard fixed" - so not changeable.

    4)Bit of an issue:- because you have seperated the SSH/SFTP accounts, if I want to upload a file outside of the public_html directory (ie a zip file for uncompressing) I can upload it via the ftp account, but the ssh account cannot see the file (wrong permissions), we could do with another "shared" folder OR accounts that can be used on ssh and sftp.

    The hosting is designed for running sites rather than using it as a storage, where "one plan = one site". Of course there are multiple cases when you'd want to upload such zip file in order to extract it there but that would mostly be site-related things, I assume. Is there any specific reason for uploading them outside the site directory instead of e.g. some temporary sub-folder inside it? We're open for all suggestions so I'll be happy to discuss this with our hosting team.

    5) PCI Compliance - will any of the hosting levels be PCI compliant for hosting woocommerce sites?

    That's a fair question and I'm not quite sure about the response yet so I've asked our hosting team about it and will let you know here once I got an explanation on this. Please keep an eye on this ticket and I'll update you here as soon as possible regarding this.

    Best regards,
    Adam

  • Adam Czajczyk
    • Support Gorilla

    Hi Mark

    I just got an update about the PCI compliance. We are compliant already in that sense that as long as you're using a 3rd party payment gateway and never store customer credit card info locally, it's all fine.

    If you're using compliant payment processor such as e.g. Stripe, PayPal and so on, the site would be compliant.

    Best regards,
    Adam

  • Mark
    • WPMU DEV Initiate

    Hi Adam,

    With regards 2 above, surely it is possible? you can use a user.ini file with nginx to modify php variables on a per site/per directory level (In fact I have a plugin in use that does just this), it would just be nice to have a gui of some sort in the admin panel to do it as well.

    With regards 4, yes its all about site maintenance etc (definitely not about storage or file sharing). It just means that anytime I want to manually install files on the server (even once the site is live), I would need to copy it up to a temporary directory within the public area prior to logging in via ssh to move it and unzip it etc. While its not a huge issue it really does trigger my security twitch, having a shared account for ssh/sftp would fix that ( or another non-public directory with similar sticky permission bits set).

    Kind regards

    Mark

  • James Farmer
    • CEO (of WPMU DEV, honest)

    re:

    "4)Bit of an issue:- because you have seperated the SSH/SFTP accounts, if I want to upload a file outside of the public_html directory (ie a zip file for uncompressing) I can upload it via the ftp account, but the ssh account cannot see the file (wrong permissions), we could do with another "shared" folder OR accounts that can be used on ssh and sftp."

    I'm supportive of this, thanks for bringing it up, and I'm actually keen on it being usable for storage if required too - I'll refer this to the team for more discussion, they may come back and ask more questions.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.