The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[urgent]

Discussion in 'General Discussion' started by barney-, May 29, 2009.

  1. barney-

    barney- Member

    Joined:
    May 29, 2009
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    We use CSF+LFD (ConfigServer Security & Firewall) on one of our servers.

    We attempted to rebuild apache with it enabled. It detected httpd as a threat and removed the binary.

    We can no longer rebuild using easyapache as it says it cannot find the pid (it also deleted the php modules).

    We tried upcp --full and upcp --force. Nothing.

    What do we do to get apache back up and running?
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,463
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Chirpy over at his forums could be better answer this for you I'm sure.

    Sounds like you've enabled this setting:

    LF_SCRIPT_PERM

    There are ways to edit that configuration from the command line that might help: http://www.configserver.com/free/csf/readme.txt

    If you could do that, you might be able to run easyapache again and put it back together.
     
  3. barney-

    barney- Member

    Joined:
    May 29, 2009
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Nope, it is not enabled. It is an odd problem. I run WHM/cPanel CSF+LFD on a few boxes. Only server it went nuts on.

    I added user:nobody to the ignore list (since apache runs as nobody). I run suexec and suPHP as well so if an exploit is run it should still track the user it is being run under.
     
  4. PlatinumServerM

    PlatinumServerM Well-Known Member
    PartnerNOC

    Joined:
    Jul 10, 2005
    Messages:
    397
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    New Jersey, USA
    cPanel Access Level:
    Root Administrator
  5. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    I agree with platinum
     

Share This Page