Hazel's only requirement is CGI access. As such, she works on the vast majority of web hosting providers. However, to run smoothly and securely, we suggest a server be configured with the following tips in mind.
CGI must run as the domain-owner userid.
CGI programs must execute with the same userid which owns the files you upload to the server, which is assumed to be your own userid, the "owner" of your domain. Thus, all of Hazel's files need only be readable and writable by your userid. Nobody else can access them.
Often web servers will run as a "nobody" or "www" account. While this prevents CGI from obtaining access to the system at large, it often means that everyone else on your shared server has access to the same files your own CGI must read and write. It is a tremendous, often-overlooked security hole.
Other servers will "do the right thing" on their nonsecure servers, but CGI on a shared secure server will run under some other less-privileged userid, which means you'll have to open up your files to everyone, anyway, eliminating any benefits of their running their nonsecure server properly! The solution in this case is for the ISP to run some sort of "cgi-wrapper" to ensure that all CGI run as their owners.
Secure and nonsecure documents must share common directories.
If you must upload copies of every document, CGI, and configuration file you need served securely, it's both a hassle and an opportunity for potentially confounding mistakes. For example, if you have separate secure and nonsecure CGI directories, you'll have to update both Hazels whenever you upgrade, in addition to copying the hazel.config to both directories every time you edit it!
By sharing the same directory (or "linking" secure to nonsecure), the entire setup process is made much simpler.
SSH? Telnet?
Where Telnet or SSH access is indicated, a "shell account" is available on the given Unix-based servers. While this is not a requirement, it can greatly aid in debugging and some wizards enjoy "getting into the system" to make changes rather than making all updates over FTP.