switching from suphp to mod_ruid

[maestroc]

I am always paranoid to make any serious changes that I don't totally understand on my server, so when I got a security advisory saying that:

Apache vhosts are not segmented or chroot()ed. Enable “mod_ruid2” in the “EasyApache 4” area, enable “Jail Apache” in the “Tweak Settings” area, and change users to jailshell in the “Manage Shell Access” area. Consider a more robust solution by using “CageFS on CloudLinux”. Note that this may break the ability to access mailman via Apache.

I wanted to know if there is anything I might break if I disable suphp and switch over to ruid? I have about two dozen sites running on the server, all running Joomla or Wordpress if that matters at all. One account DOES use mailman but the others do not but it sounds as though the CageFS is not necessary so hopefully that won't be an issue?

 

[cPanelWilliam]

Hi! In most cases, switching from suphp to mod_ruid2 should not cause websites to break. In the off-chance that it does cause website breakage, you can easily uninstall mod_ruid2 via the EasyApache 4 interface, and then switch your PHP Handlers back to suphp via the MultiPHP Manager interface in WHM. The "Jail Apache Virtual Hosts using mod_ruid2" tweak setting is experimental and may result in unintended consequences. For this reason, I'd recommend trying this setting in a test environment before enabling it on a production server.

Alternatively, you could consider converting your server to CloudLinux to enable CageFS to secure your accounts instead of the experimental "Jail Apache Virtual Hosts using mod_ruid2" tweak setting.