Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED Symlink Protection patchset

Discussion in 'Security' started by John Schmerold, Oct 15, 2017.

  1. John Schmerold

    John Schmerold Well-Known Member

    Joined:
    Apr 21, 2004
    Messages:
    64
    Likes Received:
    4
    Trophy Points:
    158
    Location:
    st. louis
    cPanel Access Level:
    Root Administrator
    #1 John Schmerold, Oct 15, 2017
  2. Muhammed Fasal

    Muhammed Fasal Active Member

    Joined:
    Aug 9, 2017
    Messages:
    39
    Likes Received:
    3
    Trophy Points:
    8
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    You need to login to your server via SSH as root user and then execute below command to know UID and GID of Apache Process:

    ps -o euid,egid --ppid `netstat --inet --inet6 -pln|awk '/:80 / { split($7,tmp, "/"); print tmp[1]; }'`|sort |uniq|grep -v EUID
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 Muhammed Fasal, Oct 15, 2017
  3. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,888
    Likes Received:
    90
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    You can also check this via executing below command directly on your server.

    # id apache
    The output of this command would be like:
    uid=48(apache) gid=48(apache) groups=48(apache)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 24x7server, Oct 16, 2017
  4. John Schmerold

    John Schmerold Well-Known Member

    Joined:
    Apr 21, 2004
    Messages:
    64
    Likes Received:
    4
    Trophy Points:
    158
    Location:
    st. louis
    cPanel Access Level:
    Root Administrator
    OK, in my case it appears to be running as user "nobody" is that optimal?
    [root@cp ~]# ps -o euid,egid --ppid `netstat --inet --inet6 -pln|awk '/:80 / { split($7,tmp, "/"); print tmp[1]; }'`|sort |uniq|grep -v EUID
    99 99
    EUID EGID
    [root@cp ~]# id nobody
    uid=99(nobody) gid=99(nobody) groups=99(nobody)

    id apache does not exist
     
    #4 John Schmerold, Oct 16, 2017
  5. cPWilliamL

    cPWilliamL cP Technical Analyst II
    Staff Member

    Joined:
    May 15, 2017
    Messages:
    258
    Likes Received:
    29
    Trophy Points:
    103
    Location:
    America
    cPanel Access Level:
    Root Administrator
    Hi,

    The internal Apache configuration will also denote this:
    Code:
    # grep -E ' (user|group):' /var/cpanel/conf/apache/main
  group:
      group: nobody
  user:
      user: nobody
    This is normal. I also wouldn't recommend trying to change the Apache user, as there are certain safeguards in place to prevent abuse by the Apache user `nobody'.

    Thanks,
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #5 cPWilliamL, Oct 16, 2017
(You must log in or sign up to post here.)
Loading...
Similar Threads - Symlink Protection patchset
  1. rs200

    New Thread Symlink protection not found after upgrading

    rs200, Dec 12, 2018 at 3:25 AM, in forum: Security
    Replies:
    4
    Views:
    146
    dalem
    Dec 13, 2018 at 1:14 PM
  2. MDHMatt

    Error on KernelCare Free Symlink Protection setup

    MDHMatt, Sep 24, 2018, in forum: Security
    Replies:
    1
    Views:
    124
    Infopro
    Sep 24, 2018
  3. kabatak

    SOLVED [CPANEL-21909] Is KernelCare's Free Symlink Protection free forever?

    kabatak, Jul 24, 2018, in forum: Security
    Replies:
    25
    Views:
    619
    cPanelLauren
    Nov 5, 2018
  4. Elisabeth J Bertrand

    Website owner, very confused about Symlink Protection on Dedi

    Elisabeth J Bertrand, Jun 22, 2018, in forum: General Discussion
    Replies:
    1
    Views:
    151
    cPanelLauren
    Jun 22, 2018
  5. Skin

    Apache Symlink Protection False positive?

    Skin, Jun 6, 2018, in forum: Security
    Replies:
    3
    Views:
    204
    cPanelLauren
    Jun 6, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice