Apache Symlink Protection False positive?

Skin

Well-Known Member
Feb 3, 2006
93
4
158
Italy
Hello, on my new VPS ( mochahost cPanel v70.0.48) In Home »Security Center »Security Advisor I can see this message:

Kernel does not support the prevention of symlink ownership attacks.You do not appear to have any symlink protection enabled through a properly patched kernel on this server, which provides additional protections beyond those solutions employed in userland. Please review the documentation to learn how to apply this protection.
I asked to my provider, if possible, to enable KernelCare Free Symlink Protection, because I would not use bluehost patch, but after that I now see this message in Security Center »Security Advisor :

Apache Symlink Protection: the Bluehost provided Apache patch is in effect It appears that the Bluehost provided Apache patch is being used to provide symlink protection. This is less than optimal. Please review Symlink Race Condition Protection.
So is this a false positive?

Can you please tel me how to check if KernelCare Free Symlink Protection is really enabled?
 
Last edited by a moderator:

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,275
313
Houston
Hello,


In that case you can request that your provider give you the output. The command needs to be run on the host node as it'd be the only way to determine if it's actually protected.

Thanks!