The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security Implications of Mod_Userdir

Discussion in 'EasyApache' started by Staxed, Sep 30, 2016.

Tags:
  1. Staxed

    Staxed Registered

    Joined:
    Jun 25, 2014
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I am coming back to cpanel after being with Interworx for that past 3 years. It seems like Mod_Ruid2 was enabled by default, which disabled mod_userdir so I can't easily use temporary directory's for new customers now.

    I know I can have them edit their hosts file to fix the issue...but that's a bit to expect from a new customer (though depending on security issues I might go that route). Is there any reason to be using mod_ruid2 instead of mod_userdir that makes it worth losing out of the temp domain feature?
     
  2. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    79
    Likes Received:
    13
    Trophy Points:
    8
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    AFAIK, the main reasons to use mod_ruid2 are for Symlink Race Condition Protection and to have PHP processes run under the users' accounts without running suPHP.

    There are some drawbacks to using mod_ruid2 beyond just the inability to use mod_userdir. Until cPanel v.58.0.30, mod_ruid2 interfered with mod_security writing to the audit logs by user. That's supposed to be fixed, but there is still a conflict that prevents any of the mod_security rules that use data persistence--like those preventing brute force login attempts--from writing to the DBM files that breaks important parts of mod_security. That was enough for me to quit using mod_ruid2 and look for alternative symlink race condition protections.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    651
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page