Good Morning,
Security Advisor is suggesting I enable "Jail Apache" in Tweak Settings but the only options I found for this seem to conflict with two other decisions I made in other settings (first, I have shell access disabled for all accounts, and second I chose to not use mod_ruid2 in my Easy Apache build).
To me it seems like it would be a step down in security for me to enable mod_ruid2 (which I currently know little about due to strong preference for stable and non-experimental system config). Same with changing users to cpanel jailshell-- I currently have all account shell access disabled completely.
Can someone explain the advantages of following the security advisor in my situation?
If it makes any difference, we have about 60 different accounts all owned by 1 company on a dedicated server with WHM (no reselling or outside admins, so it seems like the only shell access necessary is 1 wheel group non-root user with ssh keys).
Security Advisor is suggesting I enable "Jail Apache" in Tweak Settings but the only options I found for this seem to conflict with two other decisions I made in other settings (first, I have shell access disabled for all accounts, and second I chose to not use mod_ruid2 in my Easy Apache build).
To me it seems like it would be a step down in security for me to enable mod_ruid2 (which I currently know little about due to strong preference for stable and non-experimental system config). Same with changing users to cpanel jailshell-- I currently have all account shell access disabled completely.
Can someone explain the advantages of following the security advisor in my situation?
If it makes any difference, we have about 60 different accounts all owned by 1 company on a dedicated server with WHM (no reselling or outside admins, so it seems like the only shell access necessary is 1 wheel group non-root user with ssh keys).
