Each website has its own private directory, which is accessible by secure FTP (SFTP), using keypairs (rather than passwords).
There is one special directory (/cms) where you upload your templates and scripts for use by the content management system, but otherwise, you can place files wherever you're used to, e.g. /css, /images and /js.
PHP is configured with
include_path restricted so you can only access files on your own site (and other sites can't access yours). Some PHP functions, like system calls, are also disabled for security reasons, but none of them should be required for most sites anyway.
Next page: Languages and translation »