Online Security, Safety, Tips, Compliance, Standard
Ask Your Web Host for Security-Enhancing Features – PHP Hardening
The shared hosting model, though economical, immediately presents a security concern, since the HTTP server (for instance, Apache or Microsoft IIS) needs a considerable amount of control over the files and directories that are to be served to the client. If your application lets users upload files through web forms, the problem is compounded, since the HTTP server now needs write permission on the destination directory. In the common virtual hosting configuration discussed above, if the HTTP server has write permission to that directory, then any user running a PHP script on that same server can also write to the directory. Obviously, this presents a major security concern.

However, there are steps that a server administrator or a user can take to eliminate or mitigate these security issues, or at least to isolate individual users so that a script exploit on one host cannot easily affect other hosts on the same server. In this article, I will give a few tips on what to ask your web host for as assurance of web safety:
1) Safe Mode
2) Restricting Includes (i.e. open_basedir = /path/to/web/root)
3) Suhosin installed
4) Disable Remote File Includes (i.e. allow_url_fopen = Off ; allow_url_include = Off)
5) Disable Globals (i.e. register_globals = Off)
6) Preventing Information Disclosure (i.e. display_errors = Off)
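
To see what your host has actually configured before you ask, the script below reads the effective value of each directive in the list from inside your own account. It is an added example, not part of the original post; the function names `ini_flag` and `audit_php_settings` are hypothetical. Note that `safe_mode` and `register_globals` were removed in PHP 5.4, so on newer builds they are reported as not present rather than as misconfigured.

```php
<?php
// Added example: report the effective values of the directives from the list.
// Upload to your own account's web root, view it once, then delete it.

// Normalise an ini value to true/false; null means the directive does not exist.
function ini_flag($raw) {
    if ($raw === false) {
        return null; // ini_get() returns false for unknown directives
    }
    $v = strtolower(trim((string) $raw));
    return !in_array($v, array('', '0', 'off', 'false', 'no', 'none'), true);
}

// $get is a callable(name) -> raw value, so the check can also run on sample data.
function audit_php_settings($get, $suhosinLoaded) {
    $report = array();
    // directive => the on/off state the list above asks for
    $wanted = array(
        'safe_mode'         => true,
        'allow_url_fopen'   => false,
        'allow_url_include' => false,
        'register_globals'  => false,
        'display_errors'    => false,
    );
    foreach ($wanted as $name => $want) {
        $have = ini_flag($get($name));
        if ($have === null) {
            $report[$name] = 'n/a (directive not present in this PHP build)';
        } else {
            $report[$name] = ($have === $want) ? 'ok' : 'ASK HOST';
        }
    }
    // An empty open_basedir means scripts may open files anywhere the server user can.
    $basedir = trim((string) $get('open_basedir'));
    $report['open_basedir'] = $basedir !== '' ? "ok ($basedir)" : 'ASK HOST (unrestricted)';
    $report['suhosin'] = $suhosinLoaded ? 'ok' : 'ASK HOST (not loaded)';
    return $report;
}

// Live check against the running configuration.
header('Content-Type: text/plain');
foreach (audit_php_settings('ini_get', extension_loaded('suhosin')) as $k => $v) {
    echo str_pad($k, 20), $v, "\n";
}
```

Because `ini_get()` returns the value in effect for the directory the script runs in, the report also reflects any per-directory overrides the host applies to your account.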
This entry was posted by Tokwear on October 30, 2009 at 1:05 AM, and is filed under Hosting, IT Security.