What are the security downsides to hosting static third-party content on a subdomain?
Posted on 23 Apr 2012 by Tavis.H
Anytime you host content uploaded by a third party, you run the risk of exposing your server to malicious files or even to hackers who exploit weaknesses in a user’s account. One possible way to avoid this situation is to host the third-party content on an entirely separate server. The question is: are there any downsides to this form of content hosting?
The answer can be somewhat complicated. First, it is important to note that simply using a subdomain (such as dave.davessite.tld) does not provide any security by itself, unless the subdomain points to a separate server, separate hosting account, separate VPS, or a content delivery network (CDN). Second, the type of file matters. Scripts, for example, could still potentially cause harm to your primary server even if hosted on the secondary one. True static content, such as images and videos, may be significantly safer.
Using a Content Delivery Network
Since hosting files on a separate server can be costly and require its own additional maintenance, many website owners may explore the possibility of using a CDN. A content delivery network is a service that specializes in hosting content, especially static content, and distributing it across a global network of servers. In addition to the security benefits, a CDN is potentially faster, is more reliable because of the redundancy, and reduces bandwidth costs.
Subdomain Setup
One way to make your content appear as though it is still hosted on your site is to use a subdomain. You can easily set up a subdomain in a hosting control panel, such as cPanel, by editing the DNS for your domain. WebHostingBuzz provides this functionality for all hosting accounts.
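Because a subdomain only helps when it points somewhere other than your primary server, it is worth checking where the DNS records actually lead once they are set up. The following is an added example, not code from the original post: it follows CNAME chains in a constructed set of records and flags a content subdomain that ends up on the same address as the main site. The CDN hostname, the `static` and `loop` subdomains and all addresses are assumptions made for illustration.

```python
# Constructed sample records (placeholders, not a real zone export).
RECORDS = {
    "davessite.tld": [("A", "192.0.2.10")],
    "dave.davessite.tld": [("CNAME", "davessite.tld")],  # alias back to the main host
    "static.davessite.tld": [("CNAME", "cust123.cdn-provider.example")],
    "cust123.cdn-provider.example": [("A", "198.51.100.7"), ("A", "198.51.100.8")],
    "loop.davessite.tld": [("CNAME", "loop.davessite.tld")],  # misconfigured alias
}


def resolve(name, records, max_depth=8):
    """Follow CNAMEs from `name` and return the final set of A-record addresses."""
    name = name.rstrip(".").lower()
    seen = set()
    while name not in seen and len(seen) < max_depth:
        seen.add(name)
        rrset = records.get(name, [])
        addrs = {value for rtype, value in rrset if rtype == "A"}
        if addrs:
            return addrs
        targets = [value for rtype, value in rrset if rtype == "CNAME"]
        if not targets:
            return set()  # name has no usable records
        name = targets[0].rstrip(".").lower()
    raise ValueError(f"CNAME loop or chain too long at {name}")


def check_separation(primary, content_host, records):
    """Return (verdict, shared_addresses) for a content subdomain."""
    primary_addrs = resolve(primary, records)
    try:
        content_addrs = resolve(content_host, records)
    except ValueError:
        return "unresolvable", set()
    if not content_addrs:
        return "unresolvable", set()
    shared = primary_addrs & content_addrs
    if shared:
        # Same address as the main site: the subdomain adds no server isolation.
        return "same-server", shared
    return "different-address", set()


if __name__ == "__main__":
    for host in ("dave.davessite.tld", "static.davessite.tld", "loop.davessite.tld"):
        print(host, check_separation("davessite.tld", host, RECORDS))
```

A "different-address" result is necessary but not sufficient: two addresses can still belong to the same hosting account, so confirm the separation with your provider as well.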