The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Securing Cpanel Server

Discussion in 'General Discussion' started by flashweb, Jun 24, 2003.

  1. flashweb

    flashweb Well-Known Member

    Joined:
    Mar 13, 2003
    Messages:
    243
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hi,

    By using scdipts like PHP Shell, a user can view other users files, view the content of scripts, data files, etc...

    So other users files are not secure. I found Enism advertise it will secure users data.

    I have found some cpanel servers do this with out turning ON php safe mode.

    How to solve this ?

    Regards,

    Yujin

    cPanel.net Support Ticket Number:
     
  2. www-lab

    www-lab Well-Known Member

    Joined:
    Feb 1, 2003
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    use open_basedir and disable function, but this is only php. Any user with CGI access still can view other user files.

    cPanel.net Support Ticket Number:
     
  3. flashweb

    flashweb Well-Known Member

    Joined:
    Mar 13, 2003
    Messages:
    243
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    How to use open_basedir and disable function ?

    Can you explain ?

    Is it possible to chmod /home folder to some thing different ?

    Hope running suexe will solve the cgi problem.

    cPanel.net Support Ticket Number:
     
  4. cass

    cass Well-Known Member

    Joined:
    Jul 17, 2002
    Messages:
    354
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Argentina/USA/Mexico
    If you have your WHM updated ... (to version 7.0.x)
    you can use :

    tweak security link in WHM.

    Regards.

    cPanel.net Support Ticket Number:
     
  5. flashweb

    flashweb Well-Known Member

    Joined:
    Mar 13, 2003
    Messages:
    243
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    I was using Stable Tree.

    WHM 6.4.2 Cpanel 6.4.2-S75 RedHat 7.3

    Now updating to Release Tree. Hope this will update WHM to v7.

    cPanel.net Support Ticket Number:
     
  6. cass

    cass Well-Known Member

    Joined:
    Jul 17, 2002
    Messages:
    354
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Argentina/USA/Mexico
    Hum... well... if you look at layer2.cpanel.net you'll see that the last non EDGE non BETA release is :
    Cpanel-6.4.2-STABLE_85-FreeBSD-i386-libc (Tue Jun 10 08:42:46 2003)

    But you need 7.0.5 or Up. for this feature.
    or wait to July when version 7 will be stable.

    Regards.

    cPanel.net Support Ticket Number:
     
  7. flashweb

    flashweb Well-Known Member

    Joined:
    Mar 13, 2003
    Messages:
    243
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hi,

    I tryed updating Cpanel to RELEASE tree.

    It get updated to

    WHM 6.4.2 Cpanel 6.4.2-R79

    WHM 7 is in EDGE tree ?

    Regards,

    Yujin

    cPanel.net Support Ticket Number:
     
  8. cass

    cass Well-Known Member

    Joined:
    Jul 17, 2002
    Messages:
    354
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Argentina/USA/Mexico
    Yes, CPANEL 7 is on EDGE. :rolleyes:

    cPanel.net Support Ticket Number:
     
  9. flashweb

    flashweb Well-Known Member

    Joined:
    Mar 13, 2003
    Messages:
    243
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Thanks for the reply.

    I will wait for v7 available in Stable Tree.

    cPanel.net Support Ticket Number:
     
  10. MscLimp

    MscLimp Active Member

    Joined:
    Mar 3, 2003
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Where is tweak security link located in WHM?

    cPanel.net Support Ticket Number:
     
  11. www-lab

    www-lab Well-Known Member

    Joined:
    Feb 1, 2003
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    I'm also interested, what is exactly that tweak doing?

    cPanel.net Support Ticket Number:
     
  12. cass

    cass Well-Known Member

    Joined:
    Jul 17, 2002
    Messages:
    354
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Argentina/USA/Mexico
    It modifies the httpd.conf virtual hosts by default
    and adds security for PHP (lock includes on user dir & tmp only, etc.)

    Regards.

    cPanel.net Support Ticket Number:
     
Loading...

Share This Page