How secure

There are security issues when running a web site on a shared public web server. The web server generally runs as the user "nobody". Since anyone who has an account can put up a web site and run CGI scripts through the web server, they can effectively access any files or databases you make available to the web server running as "nobody".

One method to make some files slightly more secure is to use random-looking filenames, which are not easy to guess. Of course if you reference these files in a script which is publicly accessible, a hacker could examine the scripts/links and find the filename, but it would take some effort.

We also have on Vex.Net the capability for clients with Virtual Domains to run a "Private Virtual Web Server". This is a web server that runs with the user ID of the virtual host's main login. In this way you can make files/databases be owned by yourself and not readably by anyone else. The down side to this service is that it is very slow, having to start up a new web server for every hit. It may be used for security sensitive information, but will likely frustrate visitors to a public site. Nevertheless, this technique can be useful for web based administrative systems. You can find out more information about this service on the Virtual Private Server page.