The Community Forums

Interact with an entire community of cPanel & WHM users.
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Helpful tip for securing your server a little bit more...

Discussion in 'General Discussion' started by WebOnce, Mar 25, 2005.

  1. WebOnce

    WebOnce Well-Known Member

    Joined:
    May 20, 2004
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Lansing, MI, USA
    If your running a server where you have problems with people running resource intensive scripts as 'nobody' through php or the likes, one option is to put in a cronjob that kills all processes owned by 'nobody' every so often.

    What's a problem with this? Every time it does it, it can kill specific programs... the one i've had to deal with lately is Melange chat server.

    What's the solution? Make melange run as another user!

    here's what I did...

    Code:
    useradd melange
    then i opened /etc/init.d/cpanel and changed:

    Code:
    daemon /usr/local/cpanel/bin/startmelange
    to

    Code:
    daemon --user melange /usr/local/cpanel/bin/startmelange
    and then edit /scripts/restartsrv_melange

    change

    Code:
    my $processowner = 'nobody';
    to

    Code:
    my $processowner = 'melange';
    It would be nice to see things like this done with the other services in the standard setup so people would be more empowered to stop problems before they start.

    Keep in mind, these will be reset when you upcp, so you may either just want to chattr +i the files so they won't be changed, or just use a but of scripting in the file that runs after upcp (i can't recall what it is, but if someone wants to remind me, I might feel obligated to write the script :D)
     
Loading...

Share This Page