The Community Forums

OWASP mod_security to help /tmp execution

Discussion in 'Security' started by subtopic, Sep 18, 2018.

  1. subtopic

    subtopic Member

    Hi there.

    Is there a specific rule that I could enable to help harden the /tmp folder found in each of my clients' child cPanel accounts? Such as
    Code:
    /home/user/tmp
    Hackers are uploading a trojan shell in those tmp folders for many of my clients, and then executing it inside of it.

    I have researched it like crazy, and even tried mounting it as
    Code:
    noexec,nosuid
    But as this guide says, that isn't even enough.

    So I was hoping OWASP rules could help.

    Thank you.
     
  2. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Hi @subtopic

    You might have more/better results with this in forums specific for mod security:

    ModSecurity / Discussion / Forums
    Free Modsecurity rules - Comodo Web Application Firewall

    The rulesets that come with the default installation of the OWASP mod_security vendor are the only ones we are able to provide support for. What you're requesting is a custom rule for /home/$user/tmp, and while there may be some here who can definitely answer that question, you might also want to check the suggested forums as well.

    Thanks!
     