One or more immutable files are preventing cPanel and WHM from updating on your serve

DenRomano

Member
Oct 31, 2012
5
0
1
cPanel Access Level
Root Administrator
I have the same email daily sent to me, I have checked and my guestbook.cgi file is not set to immuable. below is the info

[email protected] [/usr/local/cpanel/cgi-sys]# stat guestbook.cgi
File: `guestbook.cgi'
Size: 0 Blocks: 0 IO Block: 4096 regular empty file
Device: 9016h/36886d Inode: 201887893 Links: 1
Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2013-08-30 06:32:54.756929824 -0700
Modify: 2013-08-30 06:32:54.756929824 -0700
Change: 2013-09-17 13:10:26.201702484 -0700
[email protected] [/usr/local/cpanel/cgi-sys]# lsattr guestbook.cgi
-----a-------e- guestbook.cgi
 

cPanelKenneth

cPanel Development
Staff member
Apr 7, 2006
4,608
79
458
cPanel Access Level
Root Administrator
I have the same email daily sent to me, I have checked and my guestbook.cgi file is not set to immuable. below is the info

[email protected] [/usr/local/cpanel/cgi-sys]# stat guestbook.cgi
File: `guestbook.cgi'
Size: 0 Blocks: 0 IO Block: 4096 regular empty file
Device: 9016h/36886d Inode: 201887893 Links: 1
Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2013-08-30 06:32:54.756929824 -0700
Modify: 2013-08-30 06:32:54.756929824 -0700
Change: 2013-09-17 13:10:26.201702484 -0700
[email protected] [/usr/local/cpanel/cgi-sys]# lsattr guestbook.cgi
-----a-------e- guestbook.cgi
It is set to 'append-only' which is similar. Please remove the 'a' attribute:

chattr -a guestbook.cgi
 

Trane Francks

Well-Known Member
Jun 19, 2012
103
19
68
Machida, Tokyo, Japan
cPanel Access Level
Root Administrator
Re: One or more immutable files are preventing cPanel and WHM from updating

Just want to add the following as a good solution provided to me by James Otting @cPanel:

Create /etc/httpd/conf/userdata/std/2/username/pci.conf containing:

<Files "guestbook.cgi">
Order allow,deny
Deny from all
</Files>

Then rebuild/restart Apache:

/scripts/rebuildhttpdconf
/scripts/restartsrv_httpd

All fine now and requests are refused.
This is an old, 'back from the grave' thread, but I thought it worth sharing that the files deny directive for guestbook.cgi can be safely added to the Pre Main Includes within WHM. After httpd.conf is rebuilt and Apache restarted, attempts to access guestbook.cgi on all server sites will meet with doom and despair from hacker 'bots. Rather than hacking it into place for individual sites, it's safer in 2014 to just disable access to that script entirely for the whole server.