The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Question on cPanel Security Advisor

Discussion in 'Security' started by vlee, Nov 6, 2013.

  1. vlee

    vlee Well-Known Member

    Joined:
    Oct 13, 2005
    Messages:
    272
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Las Vegas, Nevada, United Stat
    cPanel Access Level:
    Root Administrator
    When I go to the cPanel Security Advisor in WHM and it reads this below

    Apache is not being queried to determine the actual sender when mail originates from the “nobody” pseudo-user.

    Enable “Query Apache server status to determine the sender of email sent from processes running as nobody” in the “Exim Configuration Manager” area's “Basic Editor”

    Then I find this information Mail

    This option allows the mail delivery process to query the Apache server to determine the true sender of a message when the nobody user sends a message. This option requires an additional connection to the webserver for each message that is sent by the user account nobody (when suPHP and mod_ruid2 are both disabled).

    I have disabled this since I am running suPHP.

    So should I ignore the information from cPanel Security Advisor since I run suPHP?

    OR

    Is it safe to run the recommended information from cPanel Security Advisor Enable “Query Apache server status"?
     
  2. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    942
    Likes Received:
    57
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    If you run SuPHP, mail from PHP scripts will originate from that domains cPanel user instead of "nobody." Basically, that option is irrelevant if you're using SuPHP, and I'd recommend sticking with SuPHP anyway. The only time mail comes from 'nobody' to begin with is if you're not using SuPHP (i.e. using the DSO handler).
     
  3. vlee

    vlee Well-Known Member

    Joined:
    Oct 13, 2005
    Messages:
    272
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Las Vegas, Nevada, United Stat
    cPanel Access Level:
    Root Administrator

    Thank you good to know.
     
  4. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    You may still want to enable this option if you have any vhosts running as nobody (ie shared ssl host, etc).
     
  5. vlee

    vlee Well-Known Member

    Joined:
    Oct 13, 2005
    Messages:
    272
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Las Vegas, Nevada, United Stat
    cPanel Access Level:
    Root Administrator
    The only thing shared is a SSL Cert for the host name as nobody for email.

    So this would be safe to do even if server is using suPHP.
     
Loading...

Share This Page