Symlink Protection Options

thanks michael, Unfortunately the problem is that the first option of jailing does not work for me because that option is subdued and not even active on my panel, i can see the option but there is no way for me to get it off the default value of disabled because it is subdued and will not allow me to change it. Unfortunately i did not see

https://forums.cpanel.net/f185/solutions-handling-symlink-attacks-202242-p23.html#post1397221

on this page

Symlink Race Condition Protection

so i was getting frustrated trying to find out how to install the mod.

and the second option on that page is not even an option because quite honestly im not spending a dime to cover a bug. At the time i felt like every doc i went to just sent me to another doc and at one time i must have had 10 tabs open trying to find what i needed.. Thats part of the reason i got upset sir.

So to assist me now that i have a valid license, are you able to tell me how to take that jail option off of subdued so that i can enable it? thanks

 

@shavaun thanks for the extra tip, thats important to mention, thats nice of you.

So what your saying is that i dont have to start from scratch with apache, i can just select the apache configuration option again from whm menu and then select the mod_ruid2 mod from there?

here is my config

 

ok finally i found some text wheeewww lol

https://documentation.cpanel.net/display/EA/Apache+Module%3A+ModRuid2#ApacheModule:ModRuid2-Howtoinstalloruninstallmod_ruid2

 

here is what the doc says

ok so my bad ok, i read that as select... not deselect..


I still think however on the MPM itk config there needs to be a note that says this will not work with mod ruid2.

UPDATE: I think i may have finally gotten it this time. After you rebuild apache following the guide above then you need to select dso option from the Configure PHP and suEXEC if you did not already, then check the easy apache to see if your option to choose the profile with the ruid2 is available, it should be.

Then choose that profile and then go thru the process again each step and make sure you verify at every page if it shows anywhere about the ruid2 that you select that. Then rebuild and i think that will do it.

Then your option under tweaks will finally be available to select. There is also a selection under service manager that i stumbled upon for ruid2 so check that as well.

Whole lot of doing stuff for one change ill tell ya. Its like stuff is scattered all over the place, i think there should be one switch. Do you want ruid2, yes or no.. And thats it, everything else is done lol

 

nothing i read for the ruid2 tonight said anything about bluehost.


oh it came from this...

To apply the patch, select Symlink Race Condition Protection from the Exhaustive Options List stage of the EasyApache interface.

son of a gun folks, bouncing here and there all over the freaken place.. uggggggggg

rebuild one more time and not choose that.

- - - Updated - - -

does Apache suEXEC need to be on or off with ruid2?


all that option says is this

there is no link to more info and no doc attache to it, thats why i chose it. Does not say anything about blue host option.

I guess what i should have done is taken a month or so before doing this and read then entire cpanel doc first cover to cover.. Who really has time for that ya now.. I doubt if anyone other than the devs and maybe a few top support techs have even done so...

 

suEXEC - Wikipedia, the free encyclopedia

ok off then..

scratch that lol.... yes then because if its no then youll get a flag on security advisor lmao... i feel like a rubber ball bouncing endlessly down the tunnel to nowhere lmao

- - - Updated - - -

yes thank goodness, finally i can call that one done... lets have a party lol... ill invite myself...