Question on cPanel Security Advisor

vlee

Well-Known Member
Oct 13, 2005
374
26
178
Spokane, Washington
cPanel Access Level
Root Administrator
When I go to the cPanel Security Advisor in WHM and it reads this below

Apache is not being queried to determine the actual sender when mail originates from the “nobody” pseudo-user.

Enable “Query Apache server status to determine the sender of email sent from processes running as nobody” in the “Exim Configuration Manager” area's “Basic Editor”

Then I find this information Mail

This option allows the mail delivery process to query the Apache server to determine the true sender of a message when the nobody user sends a message. This option requires an additional connection to the webserver for each message that is sent by the user account nobody (when suPHP and mod_ruid2 are both disabled).

I have disabled this since I am running suPHP.

So should I ignore the information from cPanel Security Advisor since I run suPHP?

OR

Is it safe to run the recommended information from cPanel Security Advisor Enable “Query Apache server status"?
 

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
If you run SuPHP, mail from PHP scripts will originate from that domains cPanel user instead of "nobody." Basically, that option is irrelevant if you're using SuPHP, and I'd recommend sticking with SuPHP anyway. The only time mail comes from 'nobody' to begin with is if you're not using SuPHP (i.e. using the DSO handler).
 

vlee

Well-Known Member
Oct 13, 2005
374
26
178
Spokane, Washington
cPanel Access Level
Root Administrator
If you run SuPHP, mail from PHP scripts will originate from that domains cPanel user instead of "nobody." Basically, that option is irrelevant if you're using SuPHP, and I'd recommend sticking with SuPHP anyway. The only time mail comes from 'nobody' to begin with is if you're not using SuPHP (i.e. using the DSO handler).

Thank you good to know.