I am new in cyber security and a bit confused with scanning a website that exists in shared hosting. My question is: No matter what is vulnerability scanner I am using, if I give the scanner a domain name that is hosted in a shared hosting service, it means that if I perform a scan it's going to scan the server which includes other sites also, or just my domain name? If yes this sounds a bit illegal, since at the same time other websites' infrastructure is getting scanned without their permission. If I am not wrong the same applies to an open port scanner like nmap. If the client gives us the IP of his website, this means that in case it is a shared host, I am going to scan the whole server and not only his website. Is this correct?
Thank you in advance!!!
First of all, your shared hosting provider will have an opinion about if you are allowed to perform security tests and if - in what scope. Example taken from AWS is following.
I can not imagine a shared hosting provider allowing some user to perform security tests on the network level, as such tests are indistinguishable from a normal attack which goes against the whole infrastructure. On the other hand I can not imagine anyone prohibiting me to test my own application which I have deployed and maintain (although it might be required to contact the provider and announce such tests to be performed before hand).
Please note, you usually do not go and use a shared hosting provider if security of the infrastructure is your greatest concern. In case the shared hosting provider is vulnerable, all his users accounts will be hacked before you know it. This would be a disaster for the provider, so I would assume, he puts respective efforts into protecting the infrastructure making some ad hoc, one-time, automated user tests insignificant and unnecessary in the first place.