I&#39;ve been playing around with CloudLinux a bit and haven&#39;t had a chance to properly reply to this thread until now.  That said, CloudLinux itself is not a virtualization layer in the sense of Xen, VMWare or the like.  It instead is a way to limit system resources based on the user (uid) instead of by process.<div>
<br></div><div>While CloudLinux does include some security features (a grsecurity patch, utilization of fcgid / suphp for running cgi processes as the VirtualHost user, instead of as the apache user), it&#39;s primary benefit is in the limitation of CPU, I/O, and process count per user.  In a hosting environment, being able to prevent one user from completely tanking a server (either intentionally, as a result of a Digg or Slashdot article, or some attack aimed at the site), this is a huge benefit.  </div>
<div><br></div><div>IMO the name itself (CloudLinux) is somewhat misleading, as it does not employ any Cloud features (no real abstraction of services from the hardware).  </div><div><br></div><div>@R P Herrold</div><div>
I agree that the basic support is useless.  I do not know the pricing of licenses / support as of yet, however, I suspect that Basic plan is simply there to make the others look more attractive for whatever the price is (see AT&amp;T&#39;s .5GB data package vs 2GB data package for a similar concept).  </div>
<div><br></div><div>In the OT part of this thread, I would also agree that many of the security risks of Cloud computing are much arm waving, and can largely be resolved by proper encryption of data, in addition to using the Cloud properly.  There are parts of it that can be useful (non-critical data storage, inexpensive off site backups, etc), and parts that you may not want to keep out there (unencrypted user SSN&#39;s, CC#&#39;s, etc), more as part of good practice than any real security concerns.</div>
<div><br></div><div>@Lynn</div><div>I also agree that any way we can make the bad guys keep scratching their heads, gives us time to implement better policies and procedures to further complicate their lives.  However, while we should try to keep our methods of thwarting them quiet, it could also be beneficial to inform others who have noticed (and been open) about the same attacks know what you did to resolve it, even if done so out of band via a simple phone call, etc.  </div>
<div><br></div><div>-- Dan</div>