Disabling cURL - Pros and Cons

intrinsic

intrinsic

Member
Dec 29, 2013
7
0
1
cPanel Access Level
Root Administrator
Hello cPanel team, we have noticed a surge of brute force attacks using cURL and thus bypassing traditional lockouts on some of our CMS installations.

I know we can disable cURL through php.ini and the Apache compiler, however I would like to know whether or not it is recommended to leave cURL active (as we would like to prevent any loss of service).

Would disabling cURL be an unwise decision?
 
Q

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
A lot of stuff needs cURL.

Are you saying the remote user agent is cURL? If so, removing it from your local system won't make a difference.

Logs would help.
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,268
463
intrinsic said:
Hello cPanel team, we have noticed a surge of brute force attacks using cURL and thus bypassing traditional lockouts on some of our CMS installations.
Click to expand...
Could you elaborate a little more on the nature of the attack? For instance, how exactly was cURL used to bypass existing security policies?

Thank you.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
A Error logs after disabling functions Security 3
V What are the disadvantage of disabling log out on IP change feature. ? Security 1
G Disabling PHP functions on an Account Security 3
G SSH keys and disabling root Security 1
0 Disabling AutoSSL Issue Security 2
Similar threads
Error logs after disabling functions
What are the disadvantage of disabling log out on IP change feature. ?
Disabling PHP functions on an Account
SSH keys and disabling root
Disabling AutoSSL Issue
Top Bottom