The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

NginxCP.com's Nginx installer for cPanel is modifying the server's signature...

Discussion in 'Workarounds and Optimization' started by fevangelou, Jan 11, 2011.

  1. fevangelou

    fevangelou Member

    Joined:
    Oct 10, 2010
    Messages:
    20
    Likes Received:
    3
    Trophy Points:
    3
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    I found out that the NginxCP.com installer is modifying the server's signature from "nginx" to "nginx admin".

    A friend posted on their site and his comment was deleted.

    If they "tweaked" the signature for some reason, they could have tweaked the entire installer to do other things too.

    I'll investigate this further. Let's see what the NginxCP.com guy responds to this...
     
  2. kernow

    kernow Well-Known Member

    Joined:
    Jul 23, 2004
    Messages:
    865
    Likes Received:
    9
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    At best your overly suspicious, at worst paranoid? There are several versions of nginx around, I see nothing wrong with changing nginx to "nginx admin" to reflect the version being used.
    BTW I'm not involved with developing this version, just someone who uses this very helpful script.
     
  3. fevangelou

    fevangelou Member

    Joined:
    Oct 10, 2010
    Messages:
    20
    Likes Received:
    3
    Trophy Points:
    3
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    @kernow It's a good practice that the server maintains it's correct signature for various reasons.

    @all
    Having searched a part of the files, I don't see anything suspicious, but then again, Python is not my programming weapon of choice...

    Maybe a more experienced "eye" could have a look as well.

    Having compared NginxCP's files with blargman's original installer, I can distinguish 3 things:
    1) NginxCP offers a GUI
    2) NginxCP treats subdomains & domains differently upon installation, compared to Blargman's script
    3) NginxCP uses same versions for the side scripts used (e.g. mod_rpaf etc.), but some files (most are binary) are changed. This could be due to different "sub versions"... or something totally different.

    Anyway, thought people should know. When you're installing any script on your server you always have to be careful not to open a backdoor anywhere and this is common sense, not paranoia. ;)
     
Loading...

Share This Page