The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cloudlinux symlink security

Discussion in 'CloudLinux' started by anniesteephan, Feb 28, 2013.

  1. anniesteephan

    anniesteephan Member

    Joined:
    Oct 31, 2012
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    We recently moved our servers to cloudlinux as many recommending it to
    fix symlink security issue discussed in following thread.

    http://forums.cpanel.net/f185/how-prevent-creating-symbolic-links-non-root-users-202242.html

    After moving server to cloudlinux, i don't do the normal httpd.conf
    disable FollowSymlink overide. After few days, our sites got hacked. We
    fixed it by modifying httpd.conf as per the thread.

    How do i make cloudlinux protect againest these type of attacks ?

    I read many suggesting CageFS, this can be installed on live servers
    or it is a file system like ext3/4 etc.. that need to be enabled
    during OS installation ?

    Thanks,

    Annie
     
  2. lldeepakll

    lldeepakll Well-Known Member

    Joined:
    May 20, 2012
    Messages:
    86
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    CageFS is a virtualized file system and a set of tools to contain each user in its own 'cage'. It can be install using simple Yum command. You can find the cagefs installation steps at below url.

    CloudLinux Documentation

    You can also enable securelinks as described at below url.

    SecureLinks.


    Thanks
     
  3. AlexisMeroni

    AlexisMeroni Active Member

    Joined:
    Feb 9, 2013
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    The cage don't work --'
     
  4. iseletsk

    iseletsk Well-Known Member

    Joined:
    Mar 3, 2010
    Messages:
    163
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Princeton, New Jersey, United States
    Alexis,

    Could you give a bit more details -- what exactly doesn't work?
    CageFS by itself doesn't prevent symlink problem. You have to enable SecureLinks protection to solve it:
    CloudLinux Documentation
     
Loading...

Share This Page