Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED Symlink Protection patchset

Discussion in 'Security' started by John Schmerold, Oct 15, 2017.

  1. John Schmerold

    John Schmerold Well-Known Member

    Joined:
    Apr 21, 2004
    Messages:
    61
    Likes Received:
    3
    Trophy Points:
    158
    Location:
    st. louis
    cPanel Access Level:
    Root Administrator
    #1 John Schmerold, Oct 15, 2017
  2. Muhammed Fasal

    Muhammed Fasal Active Member

    Joined:
    Aug 9, 2017
    Messages:
    39
    Likes Received:
    3
    Trophy Points:
    8
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    You need to login to your server via SSH as root user and then execute below command to know UID and GID of Apache Process:

    ps -o euid,egid --ppid `netstat --inet --inet6 -pln|awk '/:80 / { split($7,tmp, "/"); print tmp[1]; }'`|sort |uniq|grep -v EUID
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 Muhammed Fasal, Oct 15, 2017
  3. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,792
    Likes Received:
    83
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    You can also check this via executing below command directly on your server.

    # id apache
    The output of this command would be like:
    uid=48(apache) gid=48(apache) groups=48(apache)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 24x7server, Oct 16, 2017
  4. John Schmerold

    John Schmerold Well-Known Member

    Joined:
    Apr 21, 2004
    Messages:
    61
    Likes Received:
    3
    Trophy Points:
    158
    Location:
    st. louis
    cPanel Access Level:
    Root Administrator
    OK, in my case it appears to be running as user "nobody" is that optimal?
    [root@cp ~]# ps -o euid,egid --ppid `netstat --inet --inet6 -pln|awk '/:80 / { split($7,tmp, "/"); print tmp[1]; }'`|sort |uniq|grep -v EUID
    99 99
    EUID EGID
    [root@cp ~]# id nobody
    uid=99(nobody) gid=99(nobody) groups=99(nobody)

    id apache does not exist
     
    #4 John Schmerold, Oct 16, 2017
  5. cPWilliamL

    cPWilliamL cP Technical Analyst II
    Staff Member

    Joined:
    May 15, 2017
    Messages:
    257
    Likes Received:
    29
    Trophy Points:
    103
    Location:
    America
    cPanel Access Level:
    Root Administrator
    Hi,

    The internal Apache configuration will also denote this:
    Code:
    # grep -E ' (user|group):' /var/cpanel/conf/apache/main
  group:
      group: nobody
  user:
      user: nobody
    This is normal. I also wouldn't recommend trying to change the Apache user, as there are certain safeguards in place to prevent abuse by the Apache user `nobody'.

    Thanks,
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #5 cPWilliamL, Oct 16, 2017
(You must log in or sign up to post here.)
Loading...
Similar Threads - Symlink Protection patchset
  1. Elisabeth J Bertrand

    Website owner, very confused about Symlink Protection on Dedi

    Elisabeth J Bertrand, Jun 22, 2018 at 1:52 AM, in forum: General Discussion
    Replies:
    1
    Views:
    38
    cPanelLauren
    Jun 22, 2018 at 11:46 AM
  2. Skin

    Apache Symlink Protection False positive?

    Skin, Jun 6, 2018, in forum: Security
    Replies:
    3
    Views:
    70
    cPanelLauren
    Jun 6, 2018
  3. matt1206

    No symlink protection detected

    matt1206, May 31, 2018, in forum: Security
    Replies:
    5
    Views:
    82
    cPanelMichael
    Jun 1, 2018
  4. celiac101

    Is Symlink Race Condition Protection Needed on a Non-Shared Server?

    celiac101, May 17, 2018, in forum: Security
    Replies:
    4
    Views:
    122
    celiac101
    May 21, 2018
  5. thanasis

    No symlink protection detected?

    thanasis, Feb 6, 2018, in forum: Security
    Replies:
    3
    Views:
    276
    cPWilliamL
    Feb 7, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice