The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[11.38] Open source cPanel Security Advisor Addon [ALPHA VERSION]

Discussion in 'Security' started by cPanelNick, May 23, 2013.

  1. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    This is a pre-release alpha version that is not intended for general use and has only been tested on 11.38.

    https://github.com/cpanelinc/addon_securityadvisor

    We would appreciate any preliminary feedback.

    https://raw.github.com/CpanelInc/addon_securityadvisor/master/LICENSE


    Screen Shot 2013-05-23 at 6.02.14 PM.png


    A few design goals for this project:

    1) Collect feedback on what security items we can enable by default without causing problems.
    2) Provide a way for cPanel to directly provide advice on how to secure your server on a single page.
    3) Highlight new security features as they are added to cPanel/WHM.
    4) Provide the system under a permissive open source license so anyone can use/expand it.
    5) Integrate this into WHM once it has moves from alpha -> beta -> in.
     
  2. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    This was updated today. Update instructions are in the README files.
     
  3. chrismfz

    chrismfz Well-Known Member

    Joined:
    Jul 4, 2007
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Greece
    cPanel Access Level:
    DataCenter Provider
    /etc/shadow has non default permissions. Expected: 0600, Actual: 0200.
    Review the permissions on /etc/shadow to ensure they are safe

    I believe 0200 is OK too.

    A newer kernel is installed, however the system has not been rebooted. running: 2.6.32-458.6.2.lve1.2.30.el6.x86_64.debug, installed: 2.6.32-458.6.2.lve1.2.30.el6

    Actually is the same kernel. It should strip/ignore ".debug" like it does for arch.
     
  4. inthukha

    inthukha Well-Known Member

    Joined:
    Jul 17, 2013
    Messages:
    61
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hi Nick,

    Its really a great script and idea. i will use this soon once the qualified admins using it and it will going in the gamma.
     
  5. jazz1611

    jazz1611 Well-Known Member

    Joined:
    Jun 5, 2012
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    I uninstalled Security Advisor Plugin and deleted everything related to it. But it still show on tables Plugin on WHM. You can see it on picture. Now how can i resolve it?

    /http://i.imgur.com/vPxwim3.png
     
  6. lbeachmike

    lbeachmike Well-Known Member

    Joined:
    Dec 27, 2001
    Messages:
    313
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Long Beach, NY
    cPanel Access Level:
    Root Administrator
    Is this currently supposed to do anything? I installed it and it simply shows a button for "scan again?"

    Also, the update instructions don't seem to work -

    Update:

    Code:
    cd [WHERE YOU RAN THE INSTALL]
    
    cd addon_securityadvisor
    
    git pull
    
    cd addon_securityadvisor/pkg
    
    ./install
     
  7. jimlongo

    jimlongo Well-Known Member

    Joined:
    Mar 20, 2008
    Messages:
    145
    Likes Received:
    2
    Trophy Points:
    18
    I have it installed on 3 servers and it worked as advertised . . . on 1 of them it has in the last few days stopped doing anything other than what is described above. Maybe since 11.40 - but all 3 servers are 11.40.06

    Screen Shot 2013-10-13 at 1.20.32 PM.png
     
    #7 jimlongo, Oct 13, 2013
    Last edited: Oct 13, 2013
  8. lbeachmike

    lbeachmike Well-Known Member

    Joined:
    Dec 27, 2001
    Messages:
    313
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Long Beach, NY
    cPanel Access Level:
    Root Administrator
    Okay, disappointed to never have received a response to my post (until now) - so I'll share my own findings -

    1. The update instructions for the alpha version don't work as stated above
    2. The plug-in, and the 11.40 release version, do not work on Vista IE 9.0 - this was reproduced by cpanel with a bug report filed
    3. The 11.40 release (and probably the plug-in) incorrectly identify suspended accounts as having full shell access - bug report filed
    4. The 11.40 release doesn't work with the plug-in still in place, so the plug-in requires removal in order for the release version to function properly - per my support ticket, here were the steps taken to move the plug-in out of the way -

    Code:
    mv /root/scripts/addon_securityadvisor/pkg/cgi/addon_securityadvisor.cgi /root/scripts/addon_securityadvisor/pkg/cgi/addon_securityadvisor.cgi.bak
    /usr/local/cpanel/bin/unregister_appconfig /root/scripts/addon_securityadvisor/pkg/appconfig/securityadvisor.conf
    mv /root/scripts/addon_securityadvisor/pkg/appconfig/securityadvisor.conf /root/scripts/addon_securityadvisor/pkg/appconfig/securityadvisor.conf.bak
    mv /var/cpanel/addons/securityadvisor /var/cpanel/addons/securityadvisor.bak
    mv /usr/local/cpanel/whostmgr/docroot/cgi/addons/securityadvisor/index.cgi /usr/local/cpanel/whostmgr/docroot/cgi/addons/securityadvisor/index.cgi.bak
    I hope this info helps others.

    Mike

    - - - Updated - - -

    By the way, happy to see the security advisor incorporated into WHM. I've got many ideas for useful enhancements. What's in place thus far is very valuable. Hopefully there will be more focus on security going forward. Thanks cpanel!
     
  9. jimlongo

    jimlongo Well-Known Member

    Joined:
    Mar 20, 2008
    Messages:
    145
    Likes Received:
    2
    Trophy Points:
    18
    Thanks lbeachmike , that fixed that server.

    Curious that the other 2 servers still run 1.03 from either Plugins>Security Advisor OR Security>Security Advisor

    In other words didn't need to remove the plugin to have it work in 2 cases out of 3.

    ALSO note that the removal instructions you gave did not work for me. The /scripts directory doesn't exist on my server, instead just removing every instance of /scripts worked for me. Perhaps because I wasn't running the alpha but release 1.0

    Code:
    mv /root/addon_securityadvisor/pkg/cgi/addon_securityadvisor.cgi /root/addon_securityadvisor/pkg/cgi/addon_securityadvisor.cgi.bak
    /usr/local/cpanel/bin/unregister_appconfig /root/addon_securityadvisor/pkg/appconfig/securityadvisor.conf
    mv /root/addon_securityadvisor/pkg/appconfig/securityadvisor.conf /root/addon_securityadvisor/pkg/appconfig/securityadvisor.conf.bak
    mv /var/cpanel/addons/securityadvisor /var/cpanel/addons/securityadvisor.bak
    mv /usr/local/cpanel/whostmgr/docroot/cgi/addons/securityadvisor/index.cgi /usr/local/cpanel/whostmgr/docroot/cgi/addons/securityadvisor/index.cgi.bak
    Thanks again.
     
    #9 jimlongo, Oct 14, 2013
    Last edited: Oct 14, 2013

Share This Page