Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

OWASP mod_security to help /tmp execution

Discussion in 'Security' started by subtopic, Sep 18, 2018.

  1. subtopic

    subtopic Member

    Joined:
    Aug 30, 2018
    Messages:
    16
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    95050
    cPanel Access Level:
    Root Administrator
    Hi there.

    Is there a specific rule that I could enable to help harden the /tmp folder found in each of my clients child cpanel accounts? Such as
    Code:
    /home/user/tmp
    Hackers are uploading a trojan shell in those tmp folders for many of my clients, and then executing it inside of it.

    I have researched it like crazy, and even tried mounting it as
    Code:
    noexec,nosuid
    But as this guide says, that isn't even enough.

    So I was hoping OWASP rules could help.

    Thank you.
     
    #1 subtopic, Sep 18, 2018
  2. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,442
    Likes Received:
    503
    Trophy Points:
    263
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @subtopic

    You might have more/better results with this in forums specific for mod security:

    ModSecurity / Discussion / Forums
    Free Modsecurity rules - Comodo Web Application Firewall

    The rulesets that come with the default installation of the OWASP mod_security vendor are the only ones we are able to provide support for, what you're requesting a custom rule for /home/$user/tmp and while there may be some here who can definitely answer that question you might also want to check the suggested forums as well.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 cPanelLauren, Sep 19, 2018
(You must log in or sign up to post here.)
Loading...
Similar Threads - OWASP mod_security help
  1. subtopic

    OWASP mod_security breaking Wordpress page save

    subtopic, Sep 18, 2018, in forum: Security
    Replies:
    4
    Views:
    1,096
    subtopic
    Sep 20, 2018
  2. ronaldst

    Updating to OWASP v.3.1 question

    ronaldst, Feb 12, 2019, in forum: Security
    Replies:
    2
    Views:
    183
    cPanelLauren
    Feb 15, 2019
  3. kamranonline

    curl error on OWASP ModSecurity Core Rule Set V3.0 installation

    kamranonline, Dec 10, 2018, in forum: Security
    Replies:
    3
    Views:
    713
    cPanelLauren
    Dec 19, 2018
  4. TheGrumpyOne

    OWASP V3 error when installing.

    TheGrumpyOne, Sep 8, 2018, in forum: Security
    Replies:
    2
    Views:
    294
    cPanelLauren
    Sep 12, 2018
  5. uk01

    OWASP rule set blocking smtp

    uk01, Jun 17, 2018, in forum: Security
    Replies:
    16
    Views:
    828
    uk01
    Sep 24, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice