SOLVED cPanel Security investigator

[retechpro]

Hi, is it safe to run these command on server? As my server administrator company said to run this command on cpanel server to check if there is any security tweaks on server.


/usr/local/cpanel/3rdparty/bin/perl <(curl -s https://raw.githubusercontent.com/cPanelTechs/CSI/master/csi.pl)

 

[xpy-xpy]

The script was created by the Cpanel team, so I assume it should be pretty safe to use. It makes no changes to your system, only provides recommendations based on the findings of the security scan.

GitHub - CpanelInc/tech-CSI: cPanel Security Scan

cPanel Security Scan. Contribute to CpanelInc/tech-CSI development by creating an account on GitHub.

github.com

 

[cPRex]

Correct - that's something we made, so it's completely safe to run.

 

[jeffschips]

When I run this script I get the message:

[RECOMMENDATIONS]: You should consider making the following recommendations:
> Using OWASP ModSecurity 2.9 Core Rule Set v3.3.4 YAML rules - Please consider using the RPM
\_ yum install ea-modsec2-rules-owasp-crs

But ea-modsec2-rules-owasp-crs is already loaded. . . or I think it is. . .

This is what is showing as loaded:
OWASP CRS v3.x for ModSec 2.9 (via pkg)
OWASP ModSecurity 2.9 Core Rule Set v3.3.4 (via package “ea-modsec2-rules-owasp-crs”)

I did the download but now what? Is OWASP CRS v3.x for ModSec 2.9 (via pkg)
OWASP ModSecurity 2.9 Core Rule Set v3.3.4 (via package “ea-modsec2-rules-owasp-crs”)
the same as ea-modsec2-rules-owasp-crs?

 

[cPRex]

@jeffschips - while safe to run, that script was designed for cPanel techs to use internally, so it may not be polished like the cPanel interfaces. If it's telling you something that is obviously already there, feel free to ignore that.

 

[jeffschips]

Great. Makes sense. thanks.