Overview
CageFS is a virtualized file system that isolates hosting users from each other. It helps prevent one account from seeing sensitive files from another account or the server.
Benefits
- Hides other users and many system files.
- Reduces information disclosure.
- Works with CloudLinux PHP Selector and shared hosting controls.
- Helps contain compromised accounts.
Operations
Server owners should keep CageFS initialized and enabled for users. After installing new system software that users need, update the CageFS skeleton so the software becomes available inside user cages.
Detailed setup notes
CageFS gives each user a limited view of the filesystem. It helps keep shared hosting accounts isolated and reduces the information available to compromised scripts.
Operational checklist
- CageFS is initialized.
- Users are enabled in CageFS.
- The CageFS skeleton is updated after adding software users need.
- PHP Selector, common binaries, and required extensions are available inside the cage.
- Support staff know that a command visible to root may not be visible inside a user's cage until CageFS is updated.
Customer impact
Customers should not normally notice CageFS unless a script expects access to a restricted path or binary. In that case, review whether the request is safe for shared hosting before exposing more tools.
Reference links
- CloudLinux CageFS: https://docs.cloudlinux.com/cloudlinuxos/command-line_tools/#cagefs
Shared hosting impact
CloudLinux and CageFS protect the whole server by isolating users and limiting runaway accounts. When a site hits limits, the fix may be optimization, malware cleanup, bot blocking, plan upgrade, or moving to VPS/dedicated hosting.
Quick support handoff
If this article does not solve the issue, open a support ticket with the domain, service name, exact error, time the problem started, and what changed recently.
