The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Symlink Race Condition Protection

Discussion in 'Security' started by LordLiverpool, May 9, 2017.

  1. LordLiverpool

    LordLiverpool Active Member

    Joined:
    Dec 27, 2014
    Messages:
    44
    Likes Received:
    6
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    Hello cPanel

    I got an email to say my server had a high risk Symlink vulnerability:

    01 First Email.JPG

    I followed the link and hardened my server.

    The very next day I got another email to say I had a medium risk Symlink vulnerability:

    02 Second Email.JPG

    Is there any way I can remain on CentOS (not CloudLinux) and fully resolve this issue?

    Thanks.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    It's advised to disable the Bluehost symlink patch if you already have protection against symlink attacks enabled at the kernel-level.
    To disable the Bluehost symlink protection patch, select Off for the Symlink Protection option in the Global Configuration section of WHM's Apache Configuration interface (Home >> Service Configuration >> Apache Configuration). This is documented at:

    Symlink Race Condition Protection - EasyApache 4 - cPanel Documentation

    Thank you.
     
  3. Jaison V John

    Jaison V John Member

    Joined:
    Apr 15, 2016
    Messages:
    17
    Likes Received:
    3
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi @cPanelMiachel,

    Will the Symlink Race Condition Protection work on an OpenVZ container?
     
  4. Jaison V John

    Jaison V John Member

    Joined:
    Apr 15, 2016
    Messages:
    17
    Likes Received:
    3
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Update, I've verified that the Symlink Race Condition Protection will not work on an OpenVZ container. Thanks!
     
    cPanelMichael likes this.
Loading...

Share This Page