Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Best profile setting

Discussion in 'Security' started by dilstar, Jul 27, 2015.

  1. dilstar

    dilstar Member

    Joined:
    Nov 20, 2013
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I am building new server, but i would like to have compeltly worrry free from symlink, i am not gonna take cloudlinux as i am on openvz.

    tell me should i go with modruid or i can go simply normal build, but if i will normally build without mod ruid, i will not no any issue as i have good experiance in normal build of easyapache but trying to think about mod ruid because of symlink protection.

    let me know what will be the best.
    if cpanel have fixed the symlinking attack issue in new cpanel version then i will install the normal web server profile .

    suggest me as it will be web host server.
    thanks
     
    #1 dilstar, Jul 27, 2015
  2. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    1,008
    Likes Received:
    86
    Trophy Points:
    78
    cPanel Access Level:
    DataCenter Provider
    For most people, if you do not want to use RUID2, the "symlink race condition protection" option in EasyApache provides enough protection. You have to use a PHP handler like SuPHP or FCGI though so that file uploads are owned by the website user and not the "nobody" apache user.
     
    #2 quizknows, Jul 27, 2015
  3. dilstar

    dilstar Member

    Joined:
    Nov 20, 2013
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    why should i not use RUID2 for web host production ? whats bad in it?

    thanks
     
    #3 dilstar, Jul 27, 2015
  4. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    1,008
    Likes Received:
    86
    Trophy Points:
    78
    cPanel Access Level:
    DataCenter Provider
    I am not saying that you should not use it; if you can make it work then it offers good security. You should carefully review the documentation:

    https://documentation.cpanel.net/display/EA/Apache+Module:+ModRuid2

    If you cannot use RUID2 then I am saying that the "symlink race condition protection" offers enough protection for most people to stop cross-account compromises.
     
    #4 quizknows, Jul 27, 2015
  5. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    46,968
    Likes Received:
    2,119
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    As mentioned, you can find the document on Mod_Ruid2 at:

    Apache Module - Mod_Ruid2

    This document explains the compatibility issues you may face when enabling Mod_Ruid2.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #5 cPanelMichael, Jul 28, 2015
(You must log in or sign up to post here.)
Loading...
Similar Threads - Best profile setting
  1. Pablo Canales

    Best way to transfer domains to new VPS

    Pablo Canales, May 10, 2019, in forum: General Discussion
    Replies:
    3
    Views:
    176
    Pablo Canales
    May 10, 2019
  2. vcg_wss

    Email best practices for cPanel shared hosting?

    vcg_wss, Apr 17, 2019, in forum: E-mail Discussion
    Replies:
    1
    Views:
    335
    cPanelMichael
    Apr 18, 2019
  3. NetsSource

    Best Practice for Migration

    NetsSource, Mar 8, 2019, in forum: General Discussion
    Replies:
    1
    Views:
    287
    cPanelMichael
    Mar 8, 2019
  4. Maning

    Best Spam settings

    Maning, Jan 31, 2019, in forum: E-mail Discussion
    Replies:
    1
    Views:
    316
    cPanelMichael
    Jan 31, 2019
  5. inteldigital

    Best server side caching on Centos 7/Cloudlinux?

    inteldigital, Nov 13, 2018, in forum: Workarounds and Optimization
    Replies:
    4
    Views:
    514
    cPanelMichael
    Nov 15, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice