rangka_kacang

Active Member
Jan 31, 2018
35
3
8
Malaysia
cPanel Access Level
Root Administrator
Hello.

I was searching for keywords "composer jailed ssh" on this forum and return no result.

Due to my developer-friendly/oriented environment setup, I plan to give my shared hosting users a Jailed SSH + SSH keys without compromising any security impact but I'm also quite skeptical whether Composer is globally accessible in this mode or not. While I understand it's best not to give out shared hosting users SSH access, I'm now running CloudLinux OS in CageFS if that matters. I'm just curious how to integrate and make it possible for them to use Composer with cPanel - the best possible method.

A lot of people ignorantly believe that SSH access is opening the door to being hacked. While I beg to differ! Almost every major exploit that I can think of in recent years for Linux, could have been done via a cron job, PHP, CGI (Perl), and Python to name a few. While yes, disabling SSH access does make it a tiny bit harder for an attacker to compromise your server... even a moderately experienced script kiddie would then try to run the exploit via PHP or a CGI to get around the lack of SSH access.

Thank you.
 
Last edited:

rangka_kacang

Active Member
Jan 31, 2018
35
3
8
Malaysia
cPanel Access Level
Root Administrator
Hello,

You may find the following CloudLinux links helpful:

The composer installation howto
https://www.cloudlinux.com/forum/forum11/topic480


Thank you.
Hello.

I appreciate your reply. Thank you for the heads up on installing Composer for CloudLinux OS. But my initial question was if it is possible to make it work within Jailed SSH feature of WHM and what is your opinion on this matter in terms of security point of view?

My original idea was:

CloudLinux OS + CageFS + Jailed Shell + SSH key + Alternate SSH Port + Composer

I think this is secure enough to let my shared hosting users use Composer?

Thank you.
 
Last edited:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463

rangka_kacang

Active Member
Jan 31, 2018
35
3
8
Malaysia
cPanel Access Level
Root Administrator
Hello.

Inside CageFS jailshell acts same as regular shell -- as it has no real reason to exist. CageFS already provides \"jailed\" environment.
CloudLinux always create inter-marriage problems and reinvent the wheel like PHP selector vs EasyApache4 now CafeFS vs WHM Jailed SSH Tweak. That's why I got confused.

I think I get it now, you can mark this thread as solved. Cheers!

Thank you.
 
  • Like
Reactions: cPanelMichael