{"id":4926,"date":"2026-02-10T16:53:52","date_gmt":"2026-02-10T13:53:52","guid":{"rendered":"https:\/\/www.dchost.com\/blog\/reseller-hostingde-musteri-izolasyonu-chroot-cagefs-ve-ayri-php-fpm-havuzlari\/"},"modified":"2026-02-10T16:53:52","modified_gmt":"2026-02-10T13:53:52","slug":"reseller-hostingde-musteri-izolasyonu-chroot-cagefs-ve-ayri-php-fpm-havuzlari","status":"publish","type":"post","link":"https:\/\/www.dchost.com\/blog\/reseller-hostingde-musteri-izolasyonu-chroot-cagefs-ve-ayri-php-fpm-havuzlari\/","title":{"rendered":"Reseller Hosting\u2019de M\u00fc\u015fteri \u0130zolasyonu: Chroot, CageFS ve Ayr\u0131 PHP\u2011FPM Havuzlar\u0131"},"content":{"rendered":"<div class=\"dchost-blog-content-wrapper\"><div id=\"toc_container\" class=\"toc_transparent no_bullets\"><p class=\"toc_title\">\u0130&ccedil;indekiler<\/p><ul class=\"toc_list\"><li><a href=\"#Reseller_Hostingde_Musteri_Izolasyonu_Neden_Bu_Kadar_Kritik\"><span class=\"toc_number toc_depth_1\">1<\/span> Reseller Hosting\u2019de M\u00fc\u015fteri \u0130zolasyonu Neden Bu Kadar Kritik?<\/a><\/li><li><a href=\"#Reseller_Hosting_Mimarisi_ve_Tipik_Riskler\"><span class=\"toc_number toc_depth_1\">2<\/span> Reseller Hosting Mimarisi ve Tipik Riskler<\/a><ul><li><a href=\"#Paylasimli_Kaynaklar_ve_Gurultucu_Komsu_Problemi\"><span class=\"toc_number toc_depth_2\">2.1<\/span> Payla\u015f\u0131ml\u0131 Kaynaklar ve G\u00fcr\u00fclt\u00fcc\u00fc Kom\u015fu Problemi<\/a><\/li><li><a href=\"#cPanel_ve_DirectAdminde_Yapisal_Farklar\"><span class=\"toc_number toc_depth_2\">2.2<\/span> cPanel ve DirectAdmin\u2019de Yap\u0131sal Farklar<\/a><\/li><\/ul><\/li><li><a href=\"#Chroot_ile_Dosya_Sistemi_Seviyesinde_Izolasyon\"><span class=\"toc_number toc_depth_1\">3<\/span> Chroot ile Dosya Sistemi Seviyesinde \u0130zolasyon<\/a><ul><li><a href=\"#cPanelde_Jailed_SSH_ve_Chroot_Mantigi\"><span class=\"toc_number toc_depth_2\">3.1<\/span> cPanel\u2019de Jailed SSH ve Chroot Mant\u0131\u011f\u0131<\/a><\/li><li><a href=\"#DirectAdminde_chroot_Kullanimi\"><span class=\"toc_number toc_depth_2\">3.2<\/span> DirectAdmin\u2019de chroot Kullan\u0131m\u0131<\/a><\/li><\/ul><\/li><li><a href=\"#CloudLinux_CageFS_ile_Gelismis_Kullanici_Izolasyonu\"><span class=\"toc_number toc_depth_1\">4<\/span> CloudLinux CageFS ile Geli\u015fmi\u015f Kullan\u0131c\u0131 \u0130zolasyonu<\/a><ul><li><a href=\"#CageFS_Neyi_Cozuyor\"><span class=\"toc_number toc_depth_2\">4.1<\/span> CageFS Neyi \u00c7\u00f6z\u00fcyor?<\/a><\/li><li><a href=\"#CageFS_ve_LVE_Kaynak_Limitleri\"><span class=\"toc_number toc_depth_2\">4.2<\/span> CageFS ve LVE Kaynak Limitleri<\/a><\/li><\/ul><\/li><li><a href=\"#Ayri_PHPFPM_Havuzlari_ile_Uygulama_Katmani_Izolasyonu\"><span class=\"toc_number toc_depth_1\">5<\/span> Ayr\u0131 PHP\u2011FPM Havuzlar\u0131 ile Uygulama Katman\u0131 \u0130zolasyonu<\/a><ul><li><a href=\"#PHPFPM_Havuzu_Nedir\"><span class=\"toc_number toc_depth_2\">5.1<\/span> PHP\u2011FPM Havuzu Nedir?<\/a><\/li><li><a href=\"#Neden_Her_Musteri_Icin_Ayri_FPM_Havuzu\"><span class=\"toc_number toc_depth_2\">5.2<\/span> Neden Her M\u00fc\u015fteri \u0130\u00e7in Ayr\u0131 FPM Havuzu?<\/a><\/li><\/ul><\/li><li><a href=\"#cPanelde_Musteri_Izolasyonu_Icin_Onerilen_Tasarim\"><span class=\"toc_number toc_depth_1\">6<\/span> cPanel\u2019de M\u00fc\u015fteri \u0130zolasyonu \u0130\u00e7in \u00d6nerilen Tasar\u0131m<\/a><ul><li><a href=\"#1_Her_Musteri_Icin_Ayri_cPanel_Hesabi\"><span class=\"toc_number toc_depth_2\">6.1<\/span> 1. Her M\u00fc\u015fteri \u0130\u00e7in Ayr\u0131 cPanel Hesab\u0131<\/a><\/li><li><a href=\"#2_CloudLinux_CageFS_LVE_Etkinlestirme\"><span class=\"toc_number toc_depth_2\">6.2<\/span> 2. CloudLinux + CageFS + LVE Etkinle\u015ftirme<\/a><\/li><li><a href=\"#3_Her_Site_Icin_Ayri_PHPFPM_Havuzu\"><span class=\"toc_number toc_depth_2\">6.3<\/span> 3. Her Site \u0130\u00e7in Ayr\u0131 PHP\u2011FPM Havuzu<\/a><\/li><li><a href=\"#4_cPanel_Hesap_Guvenligi_ve_Erisim\"><span class=\"toc_number toc_depth_2\">6.4<\/span> 4. cPanel Hesap G\u00fcvenli\u011fi ve Eri\u015fim<\/a><\/li><\/ul><\/li><li><a href=\"#DirectAdminde_Musteri_Izolasyonu_Icin_Onerilen_Tasarim\"><span class=\"toc_number toc_depth_1\">7<\/span> DirectAdmin\u2019de M\u00fc\u015fteri \u0130zolasyonu \u0130\u00e7in \u00d6nerilen Tasar\u0131m<\/a><ul><li><a href=\"#1_Her_Musteri_Icin_Ayri_User_Her_Site_Icin_Ayri_Domain\"><span class=\"toc_number toc_depth_2\">7.1<\/span> 1. Her M\u00fc\u015fteri \u0130\u00e7in Ayr\u0131 User, Her Site \u0130\u00e7in Ayr\u0131 Domain<\/a><\/li><li><a href=\"#2_CloudLinux_Entegrasyonu_ve_CageFS\"><span class=\"toc_number toc_depth_2\">7.2<\/span> 2. CloudLinux Entegrasyonu ve CageFS<\/a><\/li><li><a href=\"#3_PHPFPM_Havuzlarinin_Kullanici_Bazli_Ayrilmasi\"><span class=\"toc_number toc_depth_2\">7.3<\/span> 3. PHP\u2011FPM Havuzlar\u0131n\u0131n Kullan\u0131c\u0131 Bazl\u0131 Ayr\u0131lmas\u0131<\/a><\/li><\/ul><\/li><li><a href=\"#Ajanslar_Freelancerlar_ve_SaaS_Gelistiricileri_Icin_Senaryolar\"><span class=\"toc_number toc_depth_1\">8<\/span> Ajanslar, Freelancer\u2019lar ve SaaS Geli\u015ftiricileri \u0130\u00e7in Senaryolar<\/a><ul><li><a href=\"#Senaryo_1_30_WordPress_Sitesi_Yoneten_Ajans\"><span class=\"toc_number toc_depth_2\">8.1<\/span> Senaryo 1: 30+ WordPress Sitesi Y\u00f6neten Ajans<\/a><\/li><li><a href=\"#Senaryo_2_ETicaret_Agi_Yoneten_Girisim\"><span class=\"toc_number toc_depth_2\">8.2<\/span> Senaryo 2: E\u2011Ticaret A\u011f\u0131 Y\u00f6neten Giri\u015fim<\/a><\/li><li><a href=\"#Senaryo_3_MultiTenant_SaaS_Uygulamasi\"><span class=\"toc_number toc_depth_2\">8.3<\/span> Senaryo 3: Multi\u2011Tenant SaaS Uygulamas\u0131<\/a><\/li><\/ul><\/li><li><a href=\"#DCHostta_Izolasyon_Standartlarimiz\"><span class=\"toc_number toc_depth_1\">9<\/span> DCHost\u2019ta \u0130zolasyon Standartlar\u0131m\u0131z<\/a><\/li><li><a href=\"#Sonuc_Saglam_Izolasyon_Surdurulebilir_Reseller_Is_Modelinin_Temeli\"><span class=\"toc_number toc_depth_1\">10<\/span> Sonu\u00e7: Sa\u011flam \u0130zolasyon, S\u00fcrd\u00fcr\u00fclebilir Reseller \u0130\u015f Modelinin Temeli<\/a><\/li><\/ul><\/div>\n<h2><span id=\"Reseller_Hostingde_Musteri_Izolasyonu_Neden_Bu_Kadar_Kritik\">Reseller Hosting\u2019de M\u00fc\u015fteri \u0130zolasyonu Neden Bu Kadar Kritik?<\/span><\/h2>\n<p>Reseller hosting kullan\u0131yorsan\u0131z asl\u0131nda k\u00fc\u00e7\u00fck bir hosting firmas\u0131 i\u015fletiyorsunuz demektir. Ayn\u0131 fiziksel sunucuda, ayn\u0131 i\u015fletim sistemi ve web sunucusu \u00fczerinde birden fazla m\u00fc\u015fterinin sitesini bar\u0131nd\u0131r\u0131yorsunuz. Bu yap\u0131 maliyet a\u00e7\u0131s\u0131ndan \u00e7ok avantajl\u0131d\u0131r; ancak g\u00fcvenlik, performans ve hukuki sorumluluk taraf\u0131nda ciddi riskleri de beraberinde getirir. Bir m\u00fc\u015fterinin zafiyeti, yanl\u0131\u015f yap\u0131land\u0131r\u0131lm\u0131\u015f bir PHP beti\u011fi veya yo\u011fun trafikli bir kampanya, di\u011fer t\u00fcm m\u00fc\u015fterilerin sitelerini etkileyebilir. \u0130\u015fte tam bu noktada <strong>m\u00fc\u015fteri izolasyonu<\/strong> hayat kurtar\u0131r.<\/p>\n<p>cPanel ve DirectAdmin gibi paneller, reseller hesaplar\u0131n alt\u0131na \u00e7ok say\u0131da kullan\u0131c\u0131 ve alan ad\u0131 tan\u0131mlamaya izin verir. Fakat sadece panel \u00fczerinden kullan\u0131c\u0131 olu\u015fturmak tek ba\u015f\u0131na yeterli de\u011fildir. Dosya sistemi, PHP \u00e7al\u0131\u015ft\u0131rma modeli, SSH eri\u015fimi, MySQL ba\u011flant\u0131lar\u0131 ve kaynak limitleri ayr\u0131 ayr\u0131 d\u00fc\u015f\u00fcn\u00fclmelidir. Bu yaz\u0131da DCHost olarak g\u00fcnl\u00fck operasyonlar\u0131m\u0131zda da uygulad\u0131\u011f\u0131m\u0131z yakla\u015f\u0131mla, <strong>chroot<\/strong>, <strong>CloudLinux CageFS<\/strong> ve <strong>ayr\u0131 PHP\u2011FPM havuzlar\u0131<\/strong> kullanarak cPanel ve DirectAdmin ortamlar\u0131nda pratik, g\u00fcvenli ve s\u00fcrd\u00fcr\u00fclebilir m\u00fc\u015fteri izolasyonunun nas\u0131l kurgulanaca\u011f\u0131n\u0131 ad\u0131m ad\u0131m anlataca\u011f\u0131z.<\/p>\n<p>Yaz\u0131y\u0131 \u00f6zellikle ajanslar, freelancer\u2019lar ve 20+ site y\u00f6neten k\u00fc\u00e7\u00fck hosting i\u015fleticileri i\u00e7in haz\u0131rlad\u0131k. E\u011fer h\u00e2lihaz\u0131rda bir reseller paketiniz varsa veya DCHost \u00fczerinde yeni bir reseller \/ kurumsal hosting mimarisi planl\u0131yorsan\u0131z, burada anlataca\u011f\u0131m\u0131z prensiplerle hem kendi gecenizi rahat uyursunuz hem de m\u00fc\u015fterilerinize kurumsal seviyede bir g\u00fcvenlik ve performans sunabilirsiniz.<\/p>\n<h2><span id=\"Reseller_Hosting_Mimarisi_ve_Tipik_Riskler\">Reseller Hosting Mimarisi ve Tipik Riskler<\/span><\/h2>\n<p>Reseller hesaplarda temel mimari genelde benzerdir: Ayn\u0131 sunucuda onlarca, bazen y\u00fczlerce cPanel veya DirectAdmin kullan\u0131c\u0131s\u0131 bulunur. T\u00fcm bu kullan\u0131c\u0131lar ayn\u0131 Linux \u00e7ekirde\u011fini, ayn\u0131 web sunucusunu (Apache, LiteSpeed, Nginx vb.) ve \u00e7o\u011fu zaman ayn\u0131 PHP motorunu payla\u015f\u0131rlar. Do\u011fru izolasyon yoksa bir kullan\u0131c\u0131n\u0131n yapt\u0131\u011f\u0131 hata, kom\u015fu hesaplar\u0131 do\u011frudan etkileyebilir.<\/p>\n<h3><span id=\"Paylasimli_Kaynaklar_ve_Gurultucu_Komsu_Problemi\">Payla\u015f\u0131ml\u0131 Kaynaklar ve G\u00fcr\u00fclt\u00fcc\u00fc Kom\u015fu Problemi<\/span><\/h3>\n<p>Reseller ortam\u0131nda s\u0131k g\u00f6rd\u00fc\u011f\u00fcm\u00fcz problemlerden baz\u0131lar\u0131 \u015funlard\u0131r:<\/p>\n<ul>\n<li>Bir m\u00fc\u015fterinin yo\u011fun trafi\u011fi CPU ve RAM\u2019i t\u00fcketir, di\u011fer siteler yava\u015flar.<\/li>\n<li>K\u00f6t\u00fc yaz\u0131lm\u0131\u015f bir PHP script sonsuz d\u00f6ng\u00fcye girer, t\u00fcm PHP s\u00fcre\u00e7lerini kitler.<\/li>\n<li>Yanl\u0131\u015f CHMOD\/CHOWN izinleri y\u00fcz\u00fcnden ba\u015fka kullan\u0131c\u0131n\u0131n dosyalar\u0131na eri\u015fim a\u00e7\u0131l\u0131r.<\/li>\n<li>Payla\u015f\u0131lan PHP handler (\u00f6rne\u011fin mod_php veya tek bir FPM havuzu) alt\u0131nda t\u00fcm siteler ayn\u0131 kullan\u0131c\u0131 gibi g\u00f6r\u00fcn\u00fcr.<\/li>\n<\/ul>\n<p>Bu senaryolar, sadece performans sorunlar\u0131na de\u011fil ayn\u0131 zamanda <strong>veri s\u0131z\u0131nt\u0131s\u0131<\/strong>, <strong>KVKK\/GDPR ihlali<\/strong> ve <strong>marka itibar kayb\u0131<\/strong> gibi \u00e7ok daha kritik sonu\u00e7lara da yol a\u00e7abilir. \u00d6zellikle veri mahremiyetine odaklanan yap\u0131lar i\u00e7in, daha \u00f6nce anlatt\u0131\u011f\u0131m\u0131z <a href='https:\/\/www.dchost.com\/blog\/saas-uygulamalari-icin-musteri-verisi-ayristirma-ve-hosting-rehberi\/'>SaaS uygulamalar\u0131nda m\u00fc\u015fteri verisini ayr\u0131\u015ft\u0131rma mimarileri<\/a> ile reseller hosting mant\u0131\u011f\u0131 birebir benzerlik ta\u015f\u0131r.<\/p>\n<h3><span id=\"cPanel_ve_DirectAdminde_Yapisal_Farklar\">cPanel ve DirectAdmin\u2019de Yap\u0131sal Farklar<\/span><\/h3>\n<p>cPanel taraf\u0131nda genellikle her m\u00fc\u015fteri i\u00e7in ayr\u0131 bir cPanel hesab\u0131 olu\u015fturmak en sa\u011fl\u0131kl\u0131 yakla\u015f\u0131md\u0131r. Buna ra\u011fmen pratikte pek \u00e7ok ajans, bir hesab\u0131n alt\u0131nda <em>addon domain<\/em> olarak onlarca site bar\u0131nd\u0131rmay\u0131 tercih ediyor. Bu, hem g\u00fcvenlik hem de e-posta ve log y\u00f6netimi a\u00e7\u0131s\u0131ndan risklidir. Bu konuyu detayl\u0131 olarak <a href='https:\/\/www.dchost.com\/blog\/ayri-cpanel-hesabi-mi-addon-domain-mi-guvenlik-e-posta-ve-seo-acisindan-dogru-secim\/'>ayr\u0131 cPanel hesab\u0131 m\u0131 addon domain mi sorusunu inceledi\u011fimiz yaz\u0131m\u0131zda<\/a> ele alm\u0131\u015ft\u0131k.<\/p>\n<p>DirectAdmin taraf\u0131nda ise reseller hesab\u0131 alt\u0131na her m\u00fc\u015fteri i\u00e7in ayr\u0131 <em>User<\/em> olu\u015fturmak ve her alan ad\u0131n\u0131 o kullan\u0131c\u0131n\u0131n i\u00e7ine yerle\u015ftirmek benzer \u015fekilde en g\u00fcvenli y\u00f6ntemdir. Her iki panelde de dosya sistemi, PHP \u00e7al\u0131\u015ft\u0131rma modeli ve kernel d\u00fczeyindeki izolasyonun nas\u0131l sa\u011fland\u0131\u011f\u0131na bakmadan, sadece panelde kullan\u0131c\u0131 olu\u015fturmakla yetinmek uzun vadede ciddi sorunlar do\u011furur.<\/p>\n<h2><span id=\"Chroot_ile_Dosya_Sistemi_Seviyesinde_Izolasyon\">Chroot ile Dosya Sistemi Seviyesinde \u0130zolasyon<\/span><\/h2>\n<p><strong>chroot<\/strong> (change root), bir s\u00fcrecin g\u00f6rd\u00fc\u011f\u00fc k\u00f6k dizini (<code>\/<\/code>) yapay olarak de\u011fi\u015ftirmeye yarayan klasik bir Unix mekani\u011fidir. Bir kullan\u0131c\u0131y\u0131 chroot i\u00e7ine ald\u0131\u011f\u0131n\u0131zda, o kullan\u0131c\u0131 i\u00e7in sistem <code>\/<\/code> k\u00f6k\u00fc asl\u0131nda <code>\/home\/kullanici<\/code> gibi s\u0131n\u0131rl\u0131 bir dizinmi\u015f gibi g\u00f6r\u00fcn\u00fcr. B\u00f6ylece kullan\u0131c\u0131 i\u015fletim sisteminin geri kalan\u0131n\u0131 g\u00f6remez, \u00e7o\u011fu sistem dosyas\u0131na eri\u015femez.<\/p>\n<h3><span id=\"cPanelde_Jailed_SSH_ve_Chroot_Mantigi\">cPanel\u2019de Jailed SSH ve Chroot Mant\u0131\u011f\u0131<\/span><\/h3>\n<p>cPanel ortamlar\u0131nda chroot genellikle <strong>Jailed SSH<\/strong> ile kar\u015f\u0131m\u0131za \u00e7\u0131kar. Kullan\u0131c\u0131ya normal shell yerine jailed shell verildi\u011finde, SSH ile ba\u011fland\u0131\u011f\u0131nda kendi home dizini ve bir dizi g\u00fcvenli sistem arac\u0131yla s\u0131n\u0131rland\u0131r\u0131lm\u0131\u015f bir ortam g\u00f6r\u00fcr. Bu \u015fu avantajlar\u0131 getirir:<\/p>\n<ul>\n<li>Kullan\u0131c\u0131 <code>\/etc\/passwd<\/code>, <code>\/var\/log<\/code> gibi hassas dizinleri do\u011frudan g\u00f6remez.<\/li>\n<li>Sunucu \u00fczerindeki di\u011fer kullan\u0131c\u0131lar\u0131n home dizinlerine eri\u015femez.<\/li>\n<li>Gereksiz sistem ara\u00e7lar\u0131 (<code>gcc<\/code>, <code>make<\/code> vb.) ortamdan \u00e7\u0131kar\u0131larak exploit geli\u015ftirme ihtimali azalt\u0131l\u0131r.<\/li>\n<\/ul>\n<p>Ancak chroot tek ba\u015f\u0131na sihirli bir \u00e7\u00f6z\u00fcm de\u011fildir. Kernel h\u00e2l\u00e2 ortakt\u0131r, baz\u0131 bilgilere dolayl\u0131 yollarla eri\u015filebilir, yanl\u0131\u015f yap\u0131land\u0131r\u0131lm\u0131\u015f izinler chroot\u2019un d\u0131\u015f\u0131na s\u0131zmaya izin verebilir. Ayr\u0131ca sadece SSH oturumlar\u0131n\u0131 kapsar; web sunucusunun \u00fcretti\u011fi PHP s\u00fcre\u00e7leri i\u00e7in ayr\u0131 bir izolasyon katman\u0131na ihtiya\u00e7 vard\u0131r.<\/p>\n<h3><span id=\"DirectAdminde_chroot_Kullanimi\">DirectAdmin\u2019de chroot Kullan\u0131m\u0131<\/span><\/h3>\n<p>DirectAdmin\u2019de de benzer \u015fekilde kullan\u0131c\u0131ya <em>jailed shell<\/em> vererek chroot tabanl\u0131 bir s\u0131n\u0131rlama uygulanabilir. \u00d6zellikle geli\u015ftirme yapan ama tam root eri\u015fimine ihtiyac\u0131 olmayan m\u00fc\u015fteriler i\u00e7in, komut sat\u0131r\u0131 verilecekse her zaman jailed shell tercih edilmelidir. Normal \/bin\/bash gibi tam shell\u2019ler, reseller ortamlar\u0131nda k\u00f6t\u00fc niyetli veya dikkatsiz bir kullan\u0131c\u0131ya gere\u011finden fazla g\u00fc\u00e7 verir.<\/p>\n<p>\u00d6zetle, chroot:<\/p>\n<ul>\n<li>SSH taraf\u0131nda temel bir izolasyon sa\u011flar,<\/li>\n<li>dosya sistemi g\u00f6r\u00fcn\u00fcrl\u00fc\u011f\u00fcn\u00fc s\u0131n\u0131rlar,<\/li>\n<li>ancak PHP, web sunucusu ve k\u00fct\u00fcphaneler d\u00fczeyinde daha geli\u015fmi\u015f bir \u00e7\u00f6z\u00fcme ihtiya\u00e7 b\u0131rak\u0131r.<\/li>\n<\/ul>\n<h2><span id=\"CloudLinux_CageFS_ile_Gelismis_Kullanici_Izolasyonu\">CloudLinux CageFS ile Geli\u015fmi\u015f Kullan\u0131c\u0131 \u0130zolasyonu<\/span><\/h2>\n<p>Pek \u00e7ok modern hosting ortam\u0131nda, \u00f6zellikle de cPanel ve DirectAdmin \u00fczerinde, <strong>CloudLinux<\/strong> i\u015fletim sistemi fiili bir standart h\u00e2line geldi. CloudLinux\u2019un sundu\u011fu en kritik \u00f6zelliklerden biri de <strong>CageFS<\/strong>\u2019tir. CageFS, her kullan\u0131c\u0131ya sanal bir dosya sistemi sunan ve onu sistemin geri kalan\u0131ndan izole eden bir katmand\u0131r. Klasik chroot\u2019un \u00fczerine ek g\u00fcvenlik katmanlar\u0131 ve kullan\u0131m kolayl\u0131\u011f\u0131 eklenmi\u015f geli\u015ftirilmi\u015f bir yakla\u015f\u0131md\u0131r.<\/p>\n<h3><span id=\"CageFS_Neyi_Cozuyor\">CageFS Neyi \u00c7\u00f6z\u00fcyor?<\/span><\/h3>\n<p>CageFS etkinle\u015ftirildi\u011finde, her kullan\u0131c\u0131:<\/p>\n<ul>\n<li>Kendi izole edilmi\u015f sanal dosya sisteminde \u00e7al\u0131\u015f\u0131r.<\/li>\n<li><code>\/proc<\/code>, <code>\/etc<\/code> gibi dizinleri s\u0131n\u0131rl\u0131, g\u00fcvenli bir \u015fekilde g\u00f6r\u00fcr.<\/li>\n<li>Sunucudaki di\u011fer kullan\u0131c\u0131lar\u0131n s\u00fcre\u00e7lerini, dosyalar\u0131n\u0131 ve konfig\u00fcrasyonlar\u0131n\u0131 g\u00f6remez.<\/li>\n<li>Simlink sald\u0131r\u0131lar\u0131 ve baz\u0131 klasik <a href=\"https:\/\/www.dchost.com\/tr\/web-hosting\">payla\u015f\u0131ml\u0131 hosting<\/a> exploit\u2019lerine kar\u015f\u0131 korunur.<\/li>\n<\/ul>\n<p>CageFS, PHP s\u00fcre\u00e7leri dahil olmak \u00fczere pek \u00e7ok bile\u015fenin bu sanal dosya sistemi i\u00e7inde \u00e7al\u0131\u015fmas\u0131n\u0131 sa\u011flar. B\u00f6ylece sadece SSH de\u011fil, web \u00fczerinden \u00e7al\u0131\u015fan uygulamalar da daha s\u0131k\u0131 izole edilir. CloudLinux\u2019un genel \u00e7al\u0131\u015fma mant\u0131\u011f\u0131n\u0131 merak ediyorsan\u0131z, detaylar\u0131 <a href='https:\/\/www.dchost.com\/blog\/cloudlinux-nedir\/'>CloudLinux nedir yaz\u0131m\u0131zda<\/a> olduk\u00e7a kapsaml\u0131 anlatm\u0131\u015ft\u0131k.<\/p>\n<h3><span id=\"CageFS_ve_LVE_Kaynak_Limitleri\">CageFS ve LVE Kaynak Limitleri<\/span><\/h3>\n<p>CageFS genellikle CloudLinux\u2019un <strong>LVE<\/strong> (Lightweight Virtual Environment) mod\u00fcl\u00fc ile birlikte kullan\u0131l\u0131r. LVE sayesinde her kullan\u0131c\u0131 i\u00e7in ayr\u0131 CPU, RAM, IO ve Entry Processes limitleri tan\u0131mlanabilir. Bu, bir m\u00fc\u015fterinin ani trafik patlamas\u0131n\u0131n t\u00fcm sunucuyu \u00e7\u00f6kertmesini engeller. cPanel taraf\u0131nda bu limitleri do\u011fru tasarlaman\u0131n \u00f6nemini <a href='https:\/\/www.dchost.com\/blog\/cpanel-reseller-paketlerinde-limit-tasarimi-neden-bu-kadar-onemli\/'>cPanel reseller paketlerinde limit tasar\u0131m\u0131 rehberimizde<\/a> detayland\u0131rm\u0131\u015ft\u0131k.<\/p>\n<p>Sonu\u00e7 olarak, reseller hosting taraf\u0131nda <strong>CageFS + LVE<\/strong> kombinasyonu:<\/p>\n<ul>\n<li>G\u00fcvenlik (kullan\u0131c\u0131lar\u0131n birbirini g\u00f6rememesi),<\/li>\n<li>Performans (her m\u00fc\u015fterinin kaynaklar\u0131n\u0131n s\u0131n\u0131rland\u0131r\u0131lmas\u0131),<\/li>\n<li>\u00d6ng\u00f6r\u00fclebilirlik (noisy neighbor etkisinin kontrol alt\u0131na al\u0131nmas\u0131)<\/li>\n<\/ul>\n<p>a\u00e7\u0131s\u0131ndan neredeyse vazge\u00e7ilmez bir yap\u0131 ta\u015f\u0131d\u0131r.<\/p>\n<h2><span id=\"Ayri_PHPFPM_Havuzlari_ile_Uygulama_Katmani_Izolasyonu\">Ayr\u0131 PHP\u2011FPM Havuzlar\u0131 ile Uygulama Katman\u0131 \u0130zolasyonu<\/span><\/h2>\n<p>Dosya sistemi ve sistem \u00e7a\u011fr\u0131lar\u0131 d\u00fczeyinde izolasyon kadar \u00f6nemli bir di\u011fer katman da <strong>PHP \u00e7al\u0131\u015fma modeli<\/strong>dir. Geleneksel mod_php veya tek bir global PHP\u2011FPM havuzu ile t\u00fcm siteleri ayn\u0131 havuzda \u00e7al\u0131\u015ft\u0131rmak, hem g\u00fcvenlik hem de performans taraf\u0131nda risklidir. Bu nedenle modern reseller mimarilerinde <strong>her kullan\u0131c\u0131ya veya her alan ad\u0131na ayr\u0131 PHP\u2011FPM havuzu<\/strong> atamak art\u0131k en iyi pratiklerden biri kabul ediliyor.<\/p>\n<h3><span id=\"PHPFPM_Havuzu_Nedir\">PHP\u2011FPM Havuzu Nedir?<\/span><\/h3>\n<p>PHP\u2011FPM, PHP s\u00fcre\u00e7lerini havuzlar (pool) halinde y\u00f6neten bir servisdir. Her havuz i\u00e7in ayr\u0131 kullan\u0131c\u0131, grup, dizin, <code>pm.max_children<\/code>, <code>pm.max_requests<\/code> gibi parametreler tan\u0131mlanabilir. Bu sayede \u00f6rne\u011fin yo\u011fun trafikli bir WooCommerce sitesi i\u00e7in daha agresif ayarlar kullan\u0131rken, k\u00fc\u00e7\u00fck bir blog i\u00e7in daha m\u00fctevaz\u0131 limitler belirleyebilirsiniz. Bu ayarlar\u0131n WordPress ve WooCommerce \u00fczerindeki etkilerini <a href='https:\/\/www.dchost.com\/blog\/wordpress-ve-woocommerce-icin-php-fpm-ayarlari-pm-pm-max_children-ve-pm-max_requests-hesaplama-rehberi\/'>PHP\u2011FPM ayarlar\u0131 rehberimizde<\/a> ad\u0131m ad\u0131m anlat\u0131yoruz.<\/p>\n<h3><span id=\"Neden_Her_Musteri_Icin_Ayri_FPM_Havuzu\">Neden Her M\u00fc\u015fteri \u0130\u00e7in Ayr\u0131 FPM Havuzu?<\/span><\/h3>\n<p>Reseller hosting\u2019te ayr\u0131 FPM havuzlar\u0131 \u015fu faydalar\u0131 sa\u011flar:<\/p>\n<ul>\n<li><strong>G\u00fcvenlik:<\/strong> Her havuz farkl\u0131 Unix kullan\u0131c\u0131s\u0131 ile \u00e7al\u0131\u015ft\u0131r\u0131l\u0131rsa, bir sitedeki zafiyet di\u011fer sitenin dosyalar\u0131na eri\u015femez.<\/li>\n<li><strong>Kaynak Kontrol\u00fc:<\/strong> Her m\u00fc\u015fteri i\u00e7in ayr\u0131 <code>pm.max_children<\/code> ve bellek limitleri tan\u0131mlanabilir. B\u00f6ylece tek bir proje t\u00fcm FPM s\u00fcre\u00e7lerini t\u00fcketemez.<\/li>\n<li><strong>Log Ayr\u0131m\u0131:<\/strong> Her havuzun ayr\u0131 slow log ve error log dosyalar\u0131 olur, hata ay\u0131klama \u00e7ok daha kolayla\u015f\u0131r.<\/li>\n<li><strong>Versiyon Esnekli\u011fi:<\/strong> cPanel ve DirectAdmin \u00fczerinde \u00e7oklu PHP s\u00fcr\u00fcmleri ile her siteye farkl\u0131 PHP versiyonu atanabilir.<\/li>\n<\/ul>\n<p>\u00d6zellikle b\u00fcy\u00fck WordPress, WooCommerce veya Laravel projelerinde, ayr\u0131 FPM havuzlar\u0131 olmadan sa\u011fl\u0131kl\u0131 bir \u00f6l\u00e7eklenme yakalamak zordur. Uygulama taraf\u0131 optimizasyonu ile ilgili daha ileri seviye ihtiya\u00e7lar\u0131n\u0131z varsa, <a href='https:\/\/www.dchost.com\/blog\/php-session-ve-cache-depolamasini-dogru-secmek-dosya-redis-ve-memcachedin-wordpress-ve-laravel-performansina-etkisi\/'>PHP session ve cache depolama stratejilerini anlatt\u0131\u011f\u0131m\u0131z yaz\u0131ya<\/a> da g\u00f6z atman\u0131z\u0131 \u00f6neririz.<\/p>\n<h2><span id=\"cPanelde_Musteri_Izolasyonu_Icin_Onerilen_Tasarim\">cPanel\u2019de M\u00fc\u015fteri \u0130zolasyonu \u0130\u00e7in \u00d6nerilen Tasar\u0131m<\/span><\/h2>\n<p>DCHost\u2019ta cPanel tabanl\u0131 reseller veya kurumsal hosting mimarisi tasarlarken izledi\u011fimiz temel prensipleri sade bir checklist halinde \u00f6zetleyelim. Bu prensipler, kendi sunucusunu y\u00f6netenler i\u00e7in de yol g\u00f6sterici olacakt\u0131r.<\/p>\n<h3><span id=\"1_Her_Musteri_Icin_Ayri_cPanel_Hesabi\">1. Her M\u00fc\u015fteri \u0130\u00e7in Ayr\u0131 cPanel Hesab\u0131<\/span><\/h3>\n<p>Tek bir cPanel hesab\u0131n\u0131n alt\u0131nda addon domain olarak 10\u201320 site bar\u0131nd\u0131rmak k\u0131sa vadede pratik g\u00f6r\u00fcnse de, \u015fu sorunlar hemen ortaya \u00e7\u0131kar:<\/p>\n<ul>\n<li>Dosya sistemi tamamen ortakt\u0131r; bir sitenin a\u00e7\u0131\u011f\u0131 di\u011fer t\u00fcm siteleri etkileyebilir.<\/li>\n<li>SSH\/SFTP eri\u015fimi verdi\u011finizde t\u00fcm siteleri tek kullan\u0131c\u0131 \u00fczerinden expose etmi\u015f olursunuz.<\/li>\n<li>E-posta, log ve yedek y\u00f6netimi kar\u0131\u015f\u0131r; hangi dosyan\u0131n hangi m\u00fc\u015fteriye ait oldu\u011fu net de\u011fildir.<\/li>\n<\/ul>\n<p>Bu y\u00fczden her m\u00fc\u015fteri (ve m\u00fcmk\u00fcnse her marka) i\u00e7in ayr\u0131 cPanel hesab\u0131 a\u00e7mak \u00e7ok daha do\u011frudur. Detayl\u0131 art\u0131-eksi analizi i\u00e7in <a href='https:\/\/www.dchost.com\/blog\/ayri-cpanel-hesabi-mi-addon-domain-mi-guvenlik-e-posta-ve-seo-acisindan-dogru-secim\/'>ayr\u0131 cPanel hesab\u0131 m\u0131 addon domain mi rehberimizden<\/a> yararlanabilirsiniz.<\/p>\n<h3><span id=\"2_CloudLinux_CageFS_LVE_Etkinlestirme\">2. CloudLinux + CageFS + LVE Etkinle\u015ftirme<\/span><\/h3>\n<p>cPanel \u00fczerinde CloudLinux \u00e7al\u0131\u015f\u0131yorsa, a\u015fa\u011f\u0131daki kombinasyon neredeyse varsay\u0131lan g\u00fcvenlik standard\u0131n\u0131z olmal\u0131:<\/p>\n<ul>\n<li>T\u00fcm hesaplar i\u00e7in <strong>CageFS aktif<\/strong><\/li>\n<li>Kaynak limitleri (CPU, RAM, IO, EP) m\u00fc\u015fteri paketlerine g\u00f6re tan\u0131mlanm\u0131\u015f<\/li>\n<li>Jailed SSH d\u0131\u015f\u0131nda normal shell eri\u015fimi kapal\u0131<\/li>\n<\/ul>\n<p>Bu sayede hem dosya sistemi d\u00fczeyinde izolasyon hem de kaynak bazl\u0131 s\u0131n\u0131rlama ayn\u0131 anda devreye girer. Kaynak limitlerini tasarlarken <a href='https:\/\/www.dchost.com\/blog\/reseller-hosting-yonetimi-rehberi-paketler-limitler-ve-izolasyon\/'>reseller hosting y\u00f6netimi ve limit tasar\u0131m\u0131 yaz\u0131m\u0131zdaki<\/a> pratik oranlardan faydalanabilirsiniz.<\/p>\n<h3><span id=\"3_Her_Site_Icin_Ayri_PHPFPM_Havuzu\">3. Her Site \u0130\u00e7in Ayr\u0131 PHP\u2011FPM Havuzu<\/span><\/h3>\n<p>cPanel\u2019in MultiPHP ve PHP\u2011FPM \u00f6zellikleriyle her domain i\u00e7in ayr\u0131 havuz kullanmak m\u00fcmk\u00fcnd\u00fcr. \u0130deal senaryoda:<\/p>\n<ul>\n<li>Her cPanel hesab\u0131 kendi kullan\u0131c\u0131 ad\u0131yla \u00e7al\u0131\u015fan FPM havuzlar\u0131na sahiptir.<\/li>\n<li>Yo\u011fun siteler i\u00e7in <code>pm.max_children<\/code>, <code>pm.start_servers<\/code> gibi parametreler \u00f6zel ayarlan\u0131r.<\/li>\n<li>Slow log aktif edilerek PHP performans sorunlar\u0131 kolayca tespit edilir.<\/li>\n<\/ul>\n<p>Bu yap\u0131, WordPress ve WooCommerce sitelerinde Core Web Vitals metriklerini iyile\u015ftirirken arka planda istikrarl\u0131 bir PHP performans\u0131 sa\u011flar. PHP taraf\u0131nda versiyon ge\u00e7i\u015fleri yaparken de <a href='https:\/\/www.dchost.com\/blog\/php-8-gecis-rehberi-paylasimli-hosting-ve-vpste-wordpress-ve-laraveli-guvenle-yukseltmek\/'>PHP 8 ge\u00e7i\u015f rehberimizde<\/a> anlatt\u0131\u011f\u0131m\u0131z uyumluluk test ad\u0131mlar\u0131n\u0131 atlamamak \u00f6nemli.<\/p>\n<h3><span id=\"4_cPanel_Hesap_Guvenligi_ve_Erisim\">4. cPanel Hesap G\u00fcvenli\u011fi ve Eri\u015fim<\/span><\/h3>\n<p>\u0130zolasyon sadece sunucu taraf\u0131nda de\u011fil, panel eri\u015fimi taraf\u0131nda da d\u00fc\u015f\u00fcn\u00fclmelidir. Her m\u00fc\u015fteri hesab\u0131 i\u00e7in:<\/p>\n<ul>\n<li>Giri\u015f parolalar\u0131 g\u00fc\u00e7l\u00fc ve benzersiz olmal\u0131,<\/li>\n<li>\u0130ki fakt\u00f6rl\u00fc kimlik do\u011frulama (2FA) etkinle\u015ftirilmeli,<\/li>\n<li>Gereksiz FTP hesaplar\u0131 ve eski SSH anahtarlar\u0131 periyodik olarak temizlenmeli.<\/li>\n<\/ul>\n<p>Bu konuyu ba\u015fl\u0131 ba\u015f\u0131na ele ald\u0131\u011f\u0131m\u0131z <a href='https:\/\/www.dchost.com\/blog\/cpanel-hesap-guvenligi-sertlestirme-rehberi-2fa-ip-kisitlama-ve-yetki-yonetimi\/'>cPanel hesap g\u00fcvenli\u011fi sertle\u015ftirme rehberindeki<\/a> ad\u0131mlar\u0131 uygulad\u0131\u011f\u0131n\u0131zda, reseller altyap\u0131n\u0131z\u0131n sadece sunucu taraf\u0131 de\u011fil, panel taraf\u0131 da kurumsal seviyeye yakla\u015facakt\u0131r.<\/p>\n<h2><span id=\"DirectAdminde_Musteri_Izolasyonu_Icin_Onerilen_Tasarim\">DirectAdmin\u2019de M\u00fc\u015fteri \u0130zolasyonu \u0130\u00e7in \u00d6nerilen Tasar\u0131m<\/span><\/h2>\n<p>DirectAdmin kullanan reseller\u2019lar i\u00e7in yakla\u015f\u0131m mant\u0131k olarak \u00e7ok benzerdir; sadece panel terminolojisi ve baz\u0131 men\u00fc adlar\u0131 farkl\u0131d\u0131r. DCHost \u00fczerinde DirectAdmin tercih eden ajans ve yaz\u0131l\u0131m evlerinde yayg\u0131n olarak \u00f6nerdi\u011fimiz yap\u0131 \u015fu \u015fekildedir:<\/p>\n<h3><span id=\"1_Her_Musteri_Icin_Ayri_User_Her_Site_Icin_Ayri_Domain\">1. Her M\u00fc\u015fteri \u0130\u00e7in Ayr\u0131 User, Her Site \u0130\u00e7in Ayr\u0131 Domain<\/span><\/h3>\n<p>DirectAdmin\u2019de reseller hesab\u0131 alt\u0131nda birden fazla <em>User<\/em> olu\u015fturabilirsiniz. En sa\u011fl\u0131kl\u0131 tasar\u0131m, her m\u00fc\u015fteriye \u00f6zel bir User tan\u0131mlamak ve o m\u00fc\u015fteriye ait alan adlar\u0131n\u0131 bu kullan\u0131c\u0131 alt\u0131nda a\u00e7makt\u0131r. B\u00f6ylece:<\/p>\n<ul>\n<li>Her m\u00fc\u015fterinin dosyalar\u0131, veritabanlar\u0131 ve e-posta kutular\u0131 mant\u0131ksal olarak ayr\u0131l\u0131r.<\/li>\n<li>Yedekleme ve geri y\u00fckleme i\u015flemleri m\u00fc\u015fteri bazl\u0131 yap\u0131labilir.<\/li>\n<li>SSH\/SFTP eri\u015fimi verdi\u011finizde sadece o m\u00fc\u015fterinin alanlar\u0131 etkilenir.<\/li>\n<\/ul>\n<h3><span id=\"2_CloudLinux_Entegrasyonu_ve_CageFS\">2. CloudLinux Entegrasyonu ve CageFS<\/span><\/h3>\n<p>DirectAdmin de CloudLinux ile entegre \u00e7al\u0131\u015fabilir. cPanel\u2019de bahsetti\u011fimiz CageFS ve LVE prensipleri burada da ge\u00e7erlidir. T\u00fcm kullan\u0131c\u0131lar i\u00e7in CageFS\u2019yi aktif edip LVE limitlerini reseller paketlerine g\u00f6re tan\u0131mlamak, DirectAdmin taraf\u0131nda da en temiz \u00e7\u00f6z\u00fcmd\u00fcr. Bu sayede panel fark etmeksizin standart bir g\u00fcvenlik ve kaynak y\u00f6netimi politikas\u0131 uygulayabilirsiniz.<\/p>\n<h3><span id=\"3_PHPFPM_Havuzlarinin_Kullanici_Bazli_Ayrilmasi\">3. PHP\u2011FPM Havuzlar\u0131n\u0131n Kullan\u0131c\u0131 Bazl\u0131 Ayr\u0131lmas\u0131<\/span><\/h3>\n<p>DirectAdmin\u2019de de her kullan\u0131c\u0131 veya her domain i\u00e7in ayr\u0131 PHP\u2011FPM havuzlar\u0131 tan\u0131mlamak m\u00fcmk\u00fcnd\u00fcr. E\u011fer LiteSpeed veya Nginx + PHP\u2011FPM kombinasyonu kullan\u0131yorsan\u0131z:<\/p>\n<ul>\n<li>Her User i\u00e7in ayr\u0131 Unix kullan\u0131c\u0131s\u0131 ve FPM havuzu kullan\u0131n.<\/li>\n<li>Yo\u011fun siteler i\u00e7in havuz parametrelerini \u00f6zelle\u015ftirin.<\/li>\n<li>Varsay\u0131lan php.ini ayarlar\u0131n\u0131 m\u00fc\u015fterinin ihtiyac\u0131na g\u00f6re ek konfig\u00fcrasyon dosyalar\u0131 ile geni\u015fletin.<\/li>\n<\/ul>\n<p>Bu yap\u0131, \u00f6zellikle DirectAdmin \u00fczerinde \u00e7ok say\u0131da PHP tabanl\u0131 uygulama (WordPress, OpenCart, Laravel vb.) bar\u0131nd\u0131ran ajanslar i\u00e7in hem hata ay\u0131klamay\u0131 hem de kapasite planlamas\u0131n\u0131 \u00e7ok kolayla\u015ft\u0131r\u0131r.<\/p>\n<h2><span id=\"Ajanslar_Freelancerlar_ve_SaaS_Gelistiricileri_Icin_Senaryolar\">Ajanslar, Freelancer\u2019lar ve SaaS Geli\u015ftiricileri \u0130\u00e7in Senaryolar<\/span><\/h2>\n<p>Teoriyi prati\u011fe d\u00f6kmek i\u00e7in DCHost\u2019ta s\u0131k kar\u015f\u0131la\u015ft\u0131\u011f\u0131m\u0131z birka\u00e7 ger\u00e7ek\u00e7i senaryoyu payla\u015fmak i\u015finizi kolayla\u015ft\u0131racakt\u0131r.<\/p>\n<h3><span id=\"Senaryo_1_30_WordPress_Sitesi_Yoneten_Ajans\">Senaryo 1: 30+ WordPress Sitesi Y\u00f6neten Ajans<\/span><\/h3>\n<p>Bir web ajans\u0131 d\u00fc\u015f\u00fcn\u00fcn; onlarca WordPress ve WooCommerce projesini tek bir reseller hesab\u0131 alt\u0131nda y\u00f6netiyor. K\u0131sa vadede her \u015feyi tek bir cPanel hesab\u0131nda addon domain olarak tutmak kolay g\u00f6r\u00fcn\u00fcyor. Ancak bir sitede kullan\u0131lan zay\u0131f bir eklenti \u00fczerinden sald\u0131r\u0131 ger\u00e7ekle\u015fti\u011finde, sald\u0131rgan t\u00fcm dosya a\u011fac\u0131na eri\u015febiliyor. Ayr\u0131ca bir kampanya d\u00f6neminde tek bir WooCommerce sitesine gelen trafik, t\u00fcm hesap i\u00e7in PHP s\u00fcre\u00e7lerini t\u00fcketiyor ve ajans\u0131n di\u011fer t\u00fcm projeleri yava\u015fl\u0131yor.<\/p>\n<p>Bu ajansla birlikte yapt\u0131\u011f\u0131m\u0131z yeniden tasar\u0131mda:<\/p>\n<ul>\n<li>Her son m\u00fc\u015fteri i\u00e7in ayr\u0131 cPanel hesab\u0131 a\u00e7t\u0131k.<\/li>\n<li>CageFS ve LVE limitleri m\u00fc\u015fteri paketlerine g\u00f6re ayr\u0131\u015ft\u0131rd\u0131k.<\/li>\n<li>Her domain i\u00e7in ayr\u0131 PHP\u2011FPM havuzu tan\u0131mlad\u0131k.<\/li>\n<\/ul>\n<p>Sonu\u00e7: Hem g\u00fcvenlik olaylar\u0131 dar alanda kald\u0131 hem de yo\u011fun trafik d\u00f6nemlerinde sadece ilgili m\u00fc\u015fterinin kaynaklar\u0131 tavan yapt\u0131, di\u011fer siteler stabil kald\u0131. Ajans \u00f6l\u00e7eklenme ihtiyac\u0131n\u0131 art\u0131rd\u0131\u011f\u0131nda, <a href='https:\/\/www.dchost.com\/blog\/ajanslar-icin-reseller-hosting-mi-vps-mi-olceklenebilir-barindirma-stratejisi\/'>reseller hosting mi VPS mi karar rehberini<\/a> kullanarak baz\u0131 projeleri izole <a href=\"https:\/\/www.dchost.com\/tr\/vps\">VPS<\/a> \u00fczerine ta\u015f\u0131yarak daha da kontroll\u00fc bir mimariye ge\u00e7ti.<\/p>\n<h3><span id=\"Senaryo_2_ETicaret_Agi_Yoneten_Girisim\">Senaryo 2: E\u2011Ticaret A\u011f\u0131 Y\u00f6neten Giri\u015fim<\/span><\/h3>\n<p>Bir ba\u015fka \u00f6rnekte, ayn\u0131 ekip birden fazla ni\u015f e\u2011ticaret markas\u0131n\u0131 tek \u00e7at\u0131 alt\u0131nda y\u00f6netiyordu. Farkl\u0131 domain\u2019ler, farkl\u0131 kampanyalar ve farkl\u0131 \u00f6deme sa\u011flay\u0131c\u0131lar\u0131 vard\u0131. Burada hem g\u00fcvenlik (\u00f6zellikle \u00f6deme sayfalar\u0131 ve m\u00fc\u015fteri verisi) hem de <strong>KVKK\/GDPR ve PCI\u2011DSS<\/strong> gibi reg\u00fclasyonlara uyum kritik h\u00e2le geldi.<\/p>\n<p>Bu yap\u0131da; her marka i\u00e7in ayr\u0131 cPanel hesab\u0131, her hesapta CageFS, LVE ve ayr\u0131 PHP\u2011FPM havuzlar\u0131 kullan\u0131ld\u0131. Kart verisini sunucuya hi\u00e7 dokundurmayan bir mimariyle, <a href='https:\/\/www.dchost.com\/blog\/pci-dss-uyumlu-e-ticaret-hosting-rehberi\/'>PCI\u2011DSS uyumlu e\u2011ticaret hosting prensiplerini<\/a> uygulad\u0131k. B\u00f6ylece bir sitedeki g\u00fcvenlik a\u00e7\u0131\u011f\u0131 di\u011fer markalar\u0131 etkilemeden, dar bir alanda izole edilip d\u00fczeltilebildi.<\/p>\n<h3><span id=\"Senaryo_3_MultiTenant_SaaS_Uygulamasi\">Senaryo 3: Multi\u2011Tenant SaaS Uygulamas\u0131<\/span><\/h3>\n<p>SaaS geli\u015ftiricileri i\u00e7in de reseller \/ \u00e7oklu hosting ortamlar\u0131nda izolasyon \u00e7ok benzer \u015fekilde \u00e7al\u0131\u015f\u0131r. Tek bir kod taban\u0131n\u0131n alt\u0131nda birden fazla m\u00fc\u015fteriyi bar\u0131nd\u0131r\u0131rken, her m\u00fc\u015fterinin verisini ve alan ad\u0131n\u0131 do\u011fru izole etmek gerekir. Bu noktada veritaban\u0131 \u015femas\u0131, dosya depolama ve SSL otomasyonu gibi konular devreye girer. Ayr\u0131nt\u0131lar\u0131n\u0131 <a href='https:\/\/www.dchost.com\/blog\/kucuk-saas-ve-api-projeleri-icin-multi-tenant-veritabani-ve-hosting-rehberi\/'>multi\u2011tenant veritaban\u0131 ve hosting rehberimizde<\/a> anlatt\u0131\u011f\u0131m\u0131z bu yakla\u015f\u0131m, reseller hosting\u2019te m\u00fc\u015fteri izolasyonu ile ayn\u0131 felsefeyi payla\u015f\u0131r: Her m\u00fc\u015fterinin verisi, s\u00fcreci ve kaynak kullan\u0131m\u0131 olabildi\u011fince ba\u011f\u0131ms\u0131z olmal\u0131d\u0131r.<\/p>\n<h2><span id=\"DCHostta_Izolasyon_Standartlarimiz\">DCHost\u2019ta \u0130zolasyon Standartlar\u0131m\u0131z<\/span><\/h2>\n<p>Biz DCHost olarak, reseller ve \u00e7oklu site bar\u0131nd\u0131rma senaryolar\u0131nda varsay\u0131lan yakla\u015f\u0131m\u0131m\u0131z\u0131 \u015fu \u015fekilde \u00f6zetliyoruz:<\/p>\n<ul>\n<li>Her son m\u00fc\u015fteri veya marka i\u00e7in ayr\u0131 kullan\u0131c\u0131 hesab\u0131 (cPanel veya DirectAdmin User)<\/li>\n<li>CloudLinux \u00fczerinde CageFS ve LVE ile kullan\u0131c\u0131 bazl\u0131 izolasyon ve kaynak limitleri<\/li>\n<li>Her domain i\u00e7in ayr\u0131 PHP\u2011FPM havuzu ve projeye \u00f6zel FPM ayarlar\u0131<\/li>\n<li>G\u00fc\u00e7l\u00fc parola politikas\u0131, 2FA ve IP k\u0131s\u0131tlamalar\u0131 ile panel eri\u015fim sertle\u015ftirmesi<\/li>\n<li>Periyodik g\u00fcvenlik taramalar\u0131, yama y\u00f6netimi ve log analizi<\/li>\n<\/ul>\n<p>Bu mimari sayesinde bir m\u00fc\u015fteride ya\u015fanan performans veya g\u00fcvenlik sorunu, di\u011fer m\u00fc\u015fterilere minimum etkiyle y\u00f6netilebilir h\u00e2le geliyor. \u00d6zellikle \u00e7ok siteli WordPress ve WooCommerce ortamlar\u0131nda, do\u011fru izolasyon ve kaynak limitleri ile <strong>&#8220;Resource Limit Reached&#8221;<\/strong> gibi klasik payla\u015f\u0131ml\u0131 hosting hatalar\u0131n\u0131 \u00f6nemli \u00f6l\u00e7\u00fcde azaltmak m\u00fcmk\u00fcn oluyor.<\/p>\n<h2><span id=\"Sonuc_Saglam_Izolasyon_Surdurulebilir_Reseller_Is_Modelinin_Temeli\">Sonu\u00e7: Sa\u011flam \u0130zolasyon, S\u00fcrd\u00fcr\u00fclebilir Reseller \u0130\u015f Modelinin Temeli<\/span><\/h2>\n<p>Reseller hosting, do\u011fru kuruldu\u011funda son derece k\u00e2rl\u0131 ve y\u00f6netilebilir bir i\u015f modelidir. Ancak temel ta\u015flardan biri eksikse \u2013<strong>m\u00fc\u015fteri izolasyonu<\/strong>\u2013 hem g\u00fcvenlik olaylar\u0131 hem de performans problemleri ka\u00e7\u0131n\u0131lmaz h\u00e2le gelir. cPanel ve DirectAdmin \u00fczerinde chroot, CloudLinux CageFS ve ayr\u0131 PHP\u2011FPM havuzlar\u0131n\u0131 birlikte kullanmak; dosya sistemi, s\u00fcre\u00e7ler ve kaynaklar d\u00fczeyinde \u00e7ok katmanl\u0131 bir koruma sa\u011flar.<\/p>\n<p>\u00d6zetle:<\/p>\n<ul>\n<li>chroot ve jailed shell, SSH taraf\u0131nda temel g\u00f6r\u00fcn\u00fcrl\u00fck k\u0131s\u0131tlamas\u0131n\u0131 sa\u011flar.<\/li>\n<li>CageFS, kullan\u0131c\u0131ya izole bir sanal dosya sistemi sunarak payla\u015f\u0131ml\u0131 hosting\u2019in klasik zafiyetlerini b\u00fcy\u00fck \u00f6l\u00e7\u00fcde kapat\u0131r.<\/li>\n<li>Her kullan\u0131c\u0131 veya domain i\u00e7in ayr\u0131 PHP\u2011FPM havuzlar\u0131, hem g\u00fcvenlik hem de performans taraf\u0131nda ince ayar yapma imk\u00e2n\u0131 verir.<\/li>\n<\/ul>\n<p>E\u011fer halihaz\u0131rda reseller kullan\u0131yorsan\u0131z veya DCHost \u00fczerinde b\u00f6yle bir yap\u0131ya ge\u00e7meyi planl\u0131yorsan\u0131z, altyap\u0131n\u0131z\u0131 bu prensiplerle g\u00f6zden ge\u00e7irmenizi \u00f6neririz. Panel taraf\u0131ndaki tasar\u0131m, CloudLinux ve PHP\u2011FPM ayarlar\u0131 i\u00e7in daha teknik bir de\u011ferlendirmeye ihtiya\u00e7 duyuyorsan\u0131z, projelerinizin detay\u0131n\u0131 bizimle payla\u015farak size \u00f6zel bir mimari \u00f6neri talep edebilirsiniz. Do\u011fru izolasyon ile, hem m\u00fc\u015fterilerinizin g\u00fcvenli\u011fini ve performans\u0131n\u0131 art\u0131r\u0131r hem de kendi hosting i\u015f modelinizi uzun vadede s\u00fcrd\u00fcr\u00fclebilir h\u00e2le getirmi\u015f olursunuz.<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>\u0130&ccedil;indekiler1 Reseller Hosting\u2019de M\u00fc\u015fteri \u0130zolasyonu Neden Bu Kadar Kritik?2 Reseller Hosting Mimarisi ve Tipik Riskler2.1 Payla\u015f\u0131ml\u0131 Kaynaklar ve G\u00fcr\u00fclt\u00fcc\u00fc Kom\u015fu Problemi2.2 cPanel ve DirectAdmin\u2019de Yap\u0131sal Farklar3 Chroot ile Dosya Sistemi Seviyesinde \u0130zolasyon3.1 cPanel\u2019de Jailed SSH ve Chroot Mant\u0131\u011f\u01313.2 DirectAdmin\u2019de chroot Kullan\u0131m\u01314 CloudLinux CageFS ile Geli\u015fmi\u015f Kullan\u0131c\u0131 \u0130zolasyonu4.1 CageFS Neyi \u00c7\u00f6z\u00fcyor?4.2 CageFS ve LVE Kaynak Limitleri5 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":4927,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-4926","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/4926","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/comments?post=4926"}],"version-history":[{"count":0,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/4926\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media\/4927"}],"wp:attachment":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media?parent=4926"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/categories?post=4926"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/tags?post=4926"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}