The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Tweak mod_userdir Security

Discussion in 'Security' started by crazyaboutlinux, Jun 16, 2009.

  1. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    mod_userdir Protection:
    Apache's mod_userdir allows users to view their sites by entering a tilde(~) and their username as the uri on a specific host. For example http://test.cpanel.net/~fred/ will bring up the user fred's domain. The disadvantage of this feature is that any bandwidth usage used by this site will be put on the domain it is accessed under (in this case test.cpanel.net). mod_userdir protection prevents this from happening. You may however want to disable it on specific virtual hosts (generally shared ssl hosts.)

    We have enabled mod_userdir Protection for all our users but some our clients want to view their website via For example http://test.cpanel.net/~fred/

    in this section there is mentioned that You may however want to disable it on specific virtual hosts (generally shared ssl hosts.)

    but when i select a domain which i want to disable mod_userdir Protection & then ticked marked on Exclude Protection check box then i have restarted apache web server but still i am unable to view selected domain via IP based

    now please tell what i m doing wrong ??

    Please see attachment for further clarification
     
  2. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Allowing userdir access is not the greatest of ideas for a lot of reasons ...

    Something you might want to consider is setting up a subdomain alias
    in the Apache configuration for the accounts that need to access their
    sites before their domain DNS propagates, etc

    In example:
    Code:
    Instead of http://www.yourdomain.com/~username,
    it would be http://username.yourdomain.com/
    
    Setting up something like this can be done fairly easily to be added
    automatically to new accounts upon creation with wildcard DNS and
    a few virtualhost template adjustments or just manually updating
    if you only have a few hosts.

    If you think this is something that would interest you, I'll post more
    details about exactly how to set this up.

    PS: The exclude you were talking about in your post excludes the site from protection
    but not from being about to be viewed by ~username
     
    #2 Spiral, Jun 16, 2009
    Last edited: Jun 16, 2009
  3. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    It doesn't considered to subdomain aliases

    mod_userdir Protection: means, clients cannot view their website via IP based for example http://11.11.111.11/~test

    we have enable mod_userdir Protection for all our users but some clients wants to view their website via http://11.11.111.11/~test

    what changes can be done this
     
  4. wesy

    wesy Registered

    Joined:
    Dec 19, 2009
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    apache usermod protection

    i m enabling apache usermod protection but still i can use it with tild~ and username on hostname i want it disable i think its not working i dont know why?
     
  5. IbnKuldun

    IbnKuldun Member

    Joined:
    May 6, 2005
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    Unfortunately this is not working for me either. It seems like this is an old problem.

    Try this: http://forums.cpanel.net/365353-post9.html

    I tried it but no luck. If it works for you let me know, I may have to submit a ticket.
     
  6. capoinfra

    capoinfra Well-Known Member

    Joined:
    Oct 25, 2007
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Uruguay
    Hello,

    I'm trying to preview the domains in the server but doesn't works.

    From Main >> Security Center >> Apache mod_userdir Tweak I disable the "mod_userdir Protection" but I can not see the preview domain with http://serverIP/~ftpuser/

    Please can you help me?

    I really need preview the sites before the DNS propagation.

    cPanel 11.25.0-R42399 - WHM 11.25.0 - X 3.9
    CENTOS 5.4 i686 standard on cp5

    Thanks in advance!
     
  7. capoinfra

    capoinfra Well-Known Member

    Joined:
    Oct 25, 2007
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Uruguay
    Hello,

    I solved this problem...

    The previews doesn't works if the sites has php index.

    I disabled php open base dir protection for a site that I want to preview and the preview just works...

    Thanks.-
     
  8. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    I have disabled this function though i am getting below error

    404 Not Found

    The server can not find the requested page:

    75.96.11.154/~ashbourne/ (port 80)

    Please forward this error screen to 65.98.11.154's WebMaster.
    Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Server at 75.96.11.154 Port 80
     
Loading...

Share This Page