The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Please provide more info about EasyApache FileProtect feature

Discussion in 'EasyApache' started by Kent Brockman, Jan 31, 2017.

Tags:
  1. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,143
    Likes Received:
    3
    Trophy Points:
    68
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello guys. Today I upgraded some servers to cPanel 11.62 to discover this new feature.

    Note that I'm using EA4 in all of these servers and the "Enable File Protect" option is ON by default on Tweak Settings. After reading a couple links I arrived here (Apache Module: FileProtect - EasyApache - cPanel Documentation) where it's stated that this feature is to protect public_html folders but all the references in that page point towards EasyApache 3 (even when you run /scripts/enablefileprotect --help)

    So, is this a feature exclusively working with EA3? How does it work under EA4? What permissions are exactly being modified?

    Please ellaborate.
    Thanks! :)
     
  2. vacancy

    vacancy Well-Known Member

    Joined:
    Sep 20, 2012
    Messages:
    121
    Likes Received:
    11
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Easyapache 3 is a function that is enabled by default.

    As mentioned, an important function that public_html folders to be not read by other accounts. FileProtect provides better directory security.

    With 11.58 and Easyapache 4, this function is turned disabled by default. I had to run the /scripts/enablefileprotect command to activate it.

    With 11.62 this function was turned on by default.

    It also added a symlink protect function for mod_php and mod_suphp with 11.62, a very nice improvement. (Apache configuration > Global Configuration > Symlink Protect set on )
     
    #2 vacancy, Jan 31, 2017
    Last edited: Jan 31, 2017
  3. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,143
    Likes Received:
    3
    Trophy Points:
    68
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Interesting. But what permissions are exactly being modified?
     
  4. vacancy

    vacancy Well-Known Member

    Joined:
    Sep 20, 2012
    Messages:
    121
    Likes Received:
    11
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    There will be no change that affects the running of accounts.

    disable fileprotect - public_html owner username username
    enable fileprotect - public_html owner username nobody
     
    Kent Brockman likes this.
  5. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,143
    Likes Received:
    3
    Trophy Points:
    68
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Thanks. That's what I exactly wanted to know.
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,471
    Likes Received:
    1,217
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    File Protect will check the permissions and ownership values on each user account's public_html directory and each addon domain's DocumentRoot directory and then set the values accordingly. It also takes into account the use of Mod_Ruid2, which changes how the ownership value is configured.

    You can directly view the file that enables the File Protect option if you'd like see how it works in the background:

    Code:
     cat /usr/local/cpanel/scripts/enablefileprotect
    Thank you.
     
    Kent Brockman likes this.
Loading...

Share This Page