SOLVED EA-10515 - Cpanel Nginx Hardening Security

hostgrup

Registered
Feb 21, 2022
4
0
1
Turkey
cPanel Access Level
Root Administrator
Hi everybody;

Hacking occurs because Nginx does not have mod_userdir. How to secure Apache mod_userdir in nginx? Also, how are smylink and shell protections provided? When using nginx, harmful files from Wordpress sites with alfa shell are thrown into different directories. How is directory protection ensured?

Best Regards
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
10,961
1,725
363
cPanel Access Level
Root Administrator
Hey there! mod_userdir can have security implications, but it wouldn't cause anyone to be hacked. Nginx is not compatible with mod_userdir due to the passenger module.

Can you be more specific about the symlink and shell protections you're looking for?
 

hostgrup

Registered
Feb 21, 2022
4
0
1
Turkey
cPanel Access Level
Root Administrator
I am sending additional file. These harmful contents were in many directories. we have turned on smylink protection. We provided security with disable function. We made csf security check measures. It happened when I used nginx.There is a vulnerability to switch to a directory when using nginx, which I cannot fully resolve.
 

Attachments