Hide or protect your data from host company!

i serviced a linux host from one of host company in my town .
i want to know is there any way to protect my MYSQL database and my emails
protected or hidden from them ?

I doubt you will find any host provider that will allow you to hide anythig from them.

If I was running a hosting service and a client wanted to hide stuff from me, the first thing I would wonder is what malicious code could they be trying to hide.

so all data like your mysql database , email and your files could not protect or hide by client !?
i mean is some kind of software that encrypt your source code file HTML & PHP .
by this could we able to disable host company to use our files for itself ?

You can encrypt all your html and database data if you like but there are pros and cons for all that.

There is a truck load of information on encryption on :google:

Is there any particular reason that you want to hide information for them? If for some reason you don’t trust them I would suggest to change host!

you know , i think a host company that serviced me use my files and my websites , due to they have my source codes they change it a little and use it for themselves .
of course i understand this matter eventually when one of my friend bought a website from my host company (that design website too ) i see it is exactly look like one of my website with a little change
also when i speak with my customers (i have a eshop ) they told me they receive a lot of advertising sms !? meanwhile i have their mobile no. in my sql database .
so i have a doubt that company do its fairly policy !

In that case I would change host. What sense does it make to stay with them?

Definitely change host if you don’t trust your current host with your data.

They need to have access to your data in order to be able to do the job you are paying them to do - keep your site online. Without access to your data they would be unable to do many of the background tasks they need to do to achieve that.

Also the local access on the computer will always be more than any remote access will be.

Encrypting your data will not work either since they will have access to everything needed to decrypt unless you remove their ability to do that in which case you’d remove everyone else’s ability to do so as well and may as well not have a web site.

Get a dedicated server, change the root password, remove any SSH keys, and then effectively short of them rebooting into single-user mode they won’t have access to your data/files. I mean they could always pull the drives out, but why bother if they have direct access to the server to log in under single user.

Beyond that, hosting is a bi-directional TRUST relationship… If you don’t trust your provider, then you are using the wrong provider.

Of course that removes their ability to manage the server and so the first time it crashes it will stay crashed until you give them the password so that they can reboot it for you.

Yes, and anybody managing the server is going to have access to the data on said server. If you are paranoid to the level of the OP in this thread, it’s not too far to go I wouldn’t think.

I don’t advise it, but hey, you gotta do what you gotta do to keep your work safe from all of those greedy thieving hosting providers. :rolleyes:

That’s assuming the facility doesn’t have a KVM / IPMI setup which most large providers have (usually in case the network goes kaput / kernel panics / etc).

And they still won’t be able to do more than look at the login screen without the root password unless they reboot into single user mode (which as I said above, they can do by physically walking up to the server and jacking in a keyboard, mouse, and a monitor).

At least, I don’t know any providers that have KVM set to auto-log in.

To be able to auto-login they’d need to know the password.

Without knowing a root/admin password for the server they can’t bring it back up if it crashes unless they first reinstall the operating system so as to give them a login that they can use.

Depending on your definition of “crash” and what actually happened, it’s quite easy to boot into single-user mode to fix a server or to at the least reset the root password so that it can be booted up normally and fixed.

If you are trying to hide information from your web hosting company - that means that you do not trust your web hosting company. I do not think that it worth to wait for something similar in return.
You need to trust each other if you want long term relationships.

Definitely change host if you don’t trust your current host with your data.

I would recommend this as well. If you can’t trust your current host, find a web host that you can trust.

Doing that would either give access to the information that the OP doesn’t want their host to have access to (in which case they haven’t achieved what they want) OR the site content is inaccessible via that login (in which case the reboot hasn’t brought the site back up). Either way the OP doesn’t get what they want - an operational site where the hosting provider has no access to the server the site is running on.

No need to hide anything for me. I highly doubt they are going to find my data very useful anyway. If you don’t want your data to be seen, it shouldn’t be uploaded to your servers anyway.

If you are using the server as a back up, you shouldn’t be; use an external hard drive.

I agree. And in case you still need to hide the data a dedicated server is the way to go. You can completely restrict access to your server.