The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security Advisor Warnings

Discussion in 'Security' started by volex, Apr 28, 2016.

  1. volex

    volex Member
    PartnerNOC

    Joined:
    Feb 5, 2008
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Hi,

    Upon upgrading to the 56 build security advisor is sending out warning messages many of which do not apply. Is there a way to disable these messages from being sent prior to the 56 update as Check::SecurityAdvisorStateChange does not exist in the contact manager until 56?

    Thanks
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    This behavior stems from the following case found in the version 56 change log:

    Code:
    Implemented case CPANEL-3990: Send notifications when there is new security advice.
    It's not currently possible to disable this notification before the update to cPanel version 56, but as you mentioned, you can disable it after the update by changing the notification settings for "Security Advisor State Change" via "WHM Home » Server Contacts » Contact Manager". A custom workaround you may consider is to create a custom Exim filter before the update that discards that specific notification before delivery.

    Also, I'd like to note that we appreciate any feedback you have to offer for these types of changes on our Edge-Users mailing list:

    Edge-Users Info Page

    The sooner in the development cycle we hear feedback on these changes, the more likely it is we can take action before a new version is published. There's a recent blog post you may find helpful at:

    The cPanel Development Process | cPanel Blog.

    Could you provide us with the specific warning messages that are false positives so we can open internal cases for each issue as needed?

    Thank you.
     
  3. jpants

    jpants Member
    PartnerNOC

    Joined:
    Sep 29, 2006
    Messages:
    5
    Likes Received:
    1
    Trophy Points:
    1
    It is possible to manually disable these notifications prior to 11.56. I came up with a quick script if you are interested:
    Code:
    #!/bin/bash
    # Disable Security Advisor Notifications
    
    #Generate icontact preferences file
    if [ ! -f /var/cpanel/icontact_event_importance.json ]; then
        /usr/local/cpanel/whostmgr/bin/whostmgr2 ./saveeditcontact
    fi
    
    #Disable Security Advisor Notifications
    if [[ -f /var/cpanel/icontact_event_importance.json && ! `grep SecurityAdvisorStateChange /var/cpanel/icontact_event_importance.json` ]]; then
        sed  -i 's/"Check":{/"Check":{"SecurityAdvisorStateChange":"0",/' /var/cpanel/icontact_event_importance.json
    elif [[ -f /var/cpanel/icontact_event_importance.json && `grep SecurityAdvisorStateChange /var/cpanel/icontact_event_importance.json` ]]; then
        sed -i -r 's/"SecurityAdvisorStateChange":"?[0-9]"?/"SecurityAdvisorStateChange":"0"/' /var/cpanel/icontact_event_importance.json
    fi
     
    #3 jpants, Apr 29, 2016
    Last edited: Apr 29, 2016
    cPanelMichael likes this.
Loading...

Share This Page