Setting up a shared hosting web server (and keeping it secure)

[sKunKbad]

I've got a Ubuntu server, and I have name based virtual hosting. The server is on a dynamic IP, and I use zoneedit/ddclient to keep it running 24/7.

 

The server has the typical LAMP installation, and has phpMyAdmin installed, but I'm wondering how to let each website have its own installation of phpMyAdmin, or how to let all the websites use the same installation, but keep it secure. Also, I currently use Filezilla3 and its SFTP connection to move files back and forth, but how would I set up regular FTP so that a website owner could only access their account?

 

Do I only install phpMyAdmin and FTP once, and then configure them, or is there a better way of doing it? I've tried searching for some tutorials, but haven't come across anything.

 

The current O/S could be scrapped and I could start from scratch if it matters, but I do want to stay with either Debian or Ubuntu.

[angelcool]

chroot; you must have some experience to set it up and could be a very tedious task.

[steviewdr]

Do I only install phpMyAdmin and FTP once, and then configure them.

Yes.

 

Apt-get everything. This way when security holes are found, a simple apt-get upgrade will install the latest updates.

 

As for FTP, ideally you should run it in a chroot, but proftpd will let you seperate user accounts in its config with this line:

DefaultRoot ~

 

-steve

[sKunKbad]

Hey thanks for your replies. I'm still learning more about my server, and also learning more about Linux in general.