The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

strange warnings after ".../apache_conf_distiller --update"

Discussion in 'Security' started by jols, Aug 17, 2010.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Upon running the following command at shell:
    /usr/local/cpanel/bin/apache_conf_distiller --update

    Every one and awhile I am finding stuff like this being echoed back to the shell window:

    warn [apache_conf_distiller] Unable to determine domain subdomain.mainddomain.com ownership. Attempting lookup on domain mainddomain.com (manually added domain).

    warn [apache_conf_distiller] Unable to determine domain subdomain.mainddomain.com ownership. Setting to user to 'nobody'.

    (Note: I have changed the actual name of the subdomain and the maindomain for this forum post.)

    In such cases the domain names that come up are not directing traffic to our server, and as far as we can tell were never parked to any other account we host, or perhaps were parked/added a very long time ago.

    Questions:

    1 -- Where does this kind of thing come from, and how can we prevent needless entries being made to the httpd.conf (obviously if the domains are not directing traffic to the server and have never been parked or added by any account user?)

    2 -- Wouldn't the following create a security issue of some kind:

    Setting to user to 'nobody'.



    Thanks very much.
     
  2. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Update to the above - I am starting to find that some of these domains belonged to accounts that moved to other servers (log ago), however I am unable to find any records on the server where these warnings come from, e.g. no DNS records, no other entries in httpd.conf, no entries in /etc/localdomains

    So, where in the heck is Apache getting the idea that these domains belong on the server and therefore need entries in httpd.conf ???
     
  3. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    By default, Apache/httpd runs as the system user "nobody" -- this is normal. To enhance security for CGI and PHP scripts you may consider using suEXEC and suPHP. Reference: WHM: Main >> Service Configuration >> Apache Configuration >> PHP and SuExec Configuration

    To help locate where the entries may exist, try using the following commands to search via root SSH access, while ensuring to replace the example "domain.tld" with the applicable domain name to look for:
    Code:
    # grep -Hin "domain.tld" /etc/*domains /etc/*users
    # grep -HinR "domain.tld" /var/cpanel/users /var/cpanel/userdata
    Please save fresh backups before and after performing or attempting any corrective measures:
    Code:
    # cp -av /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.backup.$(date -u +%Y%m%d%H%M%S%Z)
    # find /etc -maxdepth 1 -type f -regex ".*\(users\|domains\|owners\)" ! -size 0 -exec cp -av '{}' '{}'.backup.$(date -u +%Y%m%d%H%M%S%Z) \;
    # cp -av /var/cpanel/users /var/cpanel/users.backup.$(date -u +%Y%m%d%H%M%S%Z)
    # cp -av /var/cpanel/userdata /var/cpanel/userdata.backup.$(date -u +%Y%m%d%H%M%S%Z)
     
Loading...

Share This Page