The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cPanel patched Kernel + mod_ruid2 + jailshell and still have a notification of the Bluehost Patch

Discussion in 'Security' started by EneTar, Nov 18, 2016.

  1. EneTar

    EneTar Well-Known Member

    Joined:
    Dec 19, 2015
    Messages:
    66
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    Greece
    cPanel Access Level:
    Root Administrator
    I used to have Mod_ruid2 + Apache Jailshell enabled and following this Kernel symlink ownership attacks, while Jailshell & mod_ruid2 enabled I'm using the cPanel patched kernel

    Code:
    uname -r
    2.6.32-642.6.199.2.cpanel6.x86_64
    So currently I have cPanel Patched kernel, mod_ruid2 and jailshell all up and running. The last few days the security advisor showed the Bluhost Patch that is enabled while it dhouldn't be. I contacted my host (Hostgator) and asked them to remove the Bluehost patch and so they did. However the security advisor still shows the respective notice and tells me that the Bluehost patch is active. They opened up a ticket with cpanel describing the situation and here is what we got.

    So what I am asking is the following: Is it a false positive from security advisor and does anybody else experience this?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    This is answered on the following thread:

    Apache Symlink Protection is enabled

    Thank you.
     
Loading...

Share This Page