The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

upcp is changing httpd.conf to 600 this break many fantastico installation

Discussion in 'General Discussion' started by BianchiDude, Jul 18, 2005.

  1. BianchiDude

    BianchiDude Well-Known Member
    PartnerNOC

    Joined:
    Jul 2, 2005
    Messages:
    619
    Likes Received:
    0
    Trophy Points:
    16
    upcp is changing httpd.conf to 600 this break many fantastico installation

    Why is upcp changing httpd.conf to 600?

    I have custom scripts that need to access it, i need it to stay 644, also fantastico needs it to be 644.

    Is anyone else having this problem? How can I prevent upcp form chaning it?
     
  2. kosmo

    kosmo Well-Known Member

    Joined:
    Aug 12, 2001
    Messages:
    403
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    All over Europe
    The latest Fantastico version 2.8.8 r10 doesn't need any more access to httpd.conf.

    kosmo
     
  3. BianchiDude

    BianchiDude Well-Known Member
    PartnerNOC

    Joined:
    Jul 2, 2005
    Messages:
    619
    Likes Received:
    0
    Trophy Points:
    16
    My custom scripts still need access to it.
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    You can't, that is how it now works from EDGE onwards. You'll have to change how your scripts work.
     
  5. kosmo

    kosmo Well-Known Member

    Joined:
    Aug 12, 2001
    Messages:
    403
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    All over Europe
    I suggest to open a bugzilla ticket requesting to make it a WHM Tweak Settings option. This would make sense, in particular for individuals with a few trusted accounts on a server.

    kosmo
     
  6. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider

    Why do you need to read httpd.conf?

    Sadly, in general

    Security = 1/Convience

    another way of saying that

    security is inversely proportional to convenience
     
  7. internetfab

    internetfab Well-Known Member
    PartnerNOC

    Joined:
    Feb 20, 2003
    Messages:
    336
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Gothenburg, Sweden
    cPanel Access Level:
    DataCenter Provider
    Doesnt cpanel need it to read the subdomain and parked domain info?
    Getting an error on customers cpanel every day saying that httpd.conf cant be read and we keep changing it each day.. sigh :)
     
  8. BianchiDude

    BianchiDude Well-Known Member
    PartnerNOC

    Joined:
    Jul 2, 2005
    Messages:
    619
    Likes Received:
    0
    Trophy Points:
    16
    What security issues? What is in httpd.conf that will give me access to the server?
     
  9. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    Account usernames for starters. Lots of general data.
     
  10. silversurfer

    silversurfer Well-Known Member

    Joined:
    Dec 29, 2002
    Messages:
    274
    Likes Received:
    0
    Trophy Points:
    18
    We have clients complaining today of this error in Cpanel :

    [an error occurred while processing this directive] Dedicated Ip Address
    [an error occurred while processing this directive]
    [an error occurred while processing this directive]

    etc. Changing it to 644 fix it.

    This is on c131.
     
  11. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Well, unless edge fixes that problem you should log it in bugzilla.
     
  12. silversurfer

    silversurfer Well-Known Member

    Joined:
    Dec 29, 2002
    Messages:
    274
    Likes Received:
    0
    Trophy Points:
    18
    Well the number of issues needing an update to edge to fix this 2 days is just too much... oh well.
     
  13. BianchiDude

    BianchiDude Well-Known Member
    PartnerNOC

    Joined:
    Jul 2, 2005
    Messages:
    619
    Likes Received:
    0
    Trophy Points:
    16
    WHAT? like at hacker is going to check httpd.conf for usernames when /etc/passwd is world readable. Does anyone know of an actual security issue?
     
  14. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    It is a serious security issue having access to httpd.conf because of the information that it contains. Security is about layers and preventing access to one file helps build up that security. Users should not have general access to httpd.conf and it's excellent that cPanel have developed a way to block that. It's unfortunate that it's broken something for you, but you'll simply have to work around the issue as it's not going to go away.
     
  15. BianchiDude

    BianchiDude Well-Known Member
    PartnerNOC

    Joined:
    Jul 2, 2005
    Messages:
    619
    Likes Received:
    0
    Trophy Points:
    16
    Ok, thanks for the info, ill just create a sudo command to cat it.
     
  16. techark

    techark Well-Known Member

    Joined:
    May 22, 2002
    Messages:
    280
    Likes Received:
    0
    Trophy Points:
    16
    Does more than breaks Fantastico it also means users cannot manage addon or parked domains from cpanel any longer. They just get the cannot read httpd.conf premission errors when they try.

    This is silly.
     
  17. techark

    techark Well-Known Member

    Joined:
    May 22, 2002
    Messages:
    280
    Likes Received:
    0
    Trophy Points:
    16
    Well I do not but your own software does. Cannot manage addon or parked doamins via cpanel anylonger. At least test your changes before you go off changing things and making a statement like that.
     
  18. tgibobby

    tgibobby Active Member

    Joined:
    Apr 12, 2004
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Add a cron to chmod httpd.conf 644 after every upcp:)
     
  19. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    You have made a decision to use the Edge release, thus you have taken the choice to use a NON STABLE TESTING RELEASE! You report bugs, cPanel fixes them and eventually releases a Current > Release then Stable build. You need to expect that such issues will arise when you make a decision to use Edge on production systems.

    You can not fault cPanel for your own ignorance, and you can not fault them for improving security. They have workarounds, and they have a proper means of reporting such issues ( bugzilla.cpanel.net ). Also, contact the vendor of any 3rd party software that doesn't work as that is far from cPanels responsibility.
     
  20. silversurfer

    silversurfer Well-Known Member

    Joined:
    Dec 29, 2002
    Messages:
    274
    Likes Received:
    0
    Trophy Points:
    18
    ummm.. I am on Current build btw.
     
Loading...

Share This Page