CPANEL-41951 - LiteSpeed segmented chroot()ed spam on server that don't have LiteSpeed
As of late I'm getting email warnings from WHM which appears to be spam as I'm not interesting in CloudLinux nor Litespeed.
These servers don't even have LiteSpeed on
Sample below:
What's pretty irritating is there warnings are almost daily and on all of many of my servers.
How do I turn these off without compromising the entire system of notifications of problems?
The links provided below is for global, not to switch of individual spammy messages about products I don't use or want to use.
What am I missing?
Medium | Apache | LiteSpeed vhosts are not segmented or chroot()ed. Consider a more robust solution by using " |
-
Hey there! If you aren't running Litespeed, it doesn't make sense to me that you are receiving that message. Is it possible that any Litespeed packages are installed on the server? If not, could you create a ticket with our team so we can take a look? 0 -
Same situation. We are still seeing these messages. We have submitted a support request 94514265. Is this an upsell, bad notification programming or a real issue we need to learn to resolve. 0 -
Thanks for posting that ticket number. I'm following along on my end now so we can get to the bottom of this. 0 -
I've been having the same issue - no litespeed. Originally the message also suggested that I enable mod_ruid2, enable Jail Apache, and change users to jailshell. I did all those items but still get this message. 0 -
Same here. Litespeed not active/installed... 0 -
There is a case opened with the development team. They see it but do not have a fix yet. Will post any updates here. 0 -
We're tracking this issue with case CPANEL-41951 and I'll be sure to post updates once I get them! 0 -
Joe the solution you are asking about is related to securing "Apache vhosts" which will give you a bill of clean health if you use the Security Advisor direction. (This will be seen if you continue. We are setup to use prefork since we relied on the Security Advisor to secure the WHM/CPanel installation. It will let you know if your Apache shell accounts are not jailed, aloong with other security recommendations. You will also see upsells for other products. The current issue is related to a "Litespeed vhosts" system notification. LiteSpeed Web Server is an Apache alternative which requires a paid license, Note: There is a free version which is limited to one domain and 2gb of memory. The security advisor does not show this as a problem hence the big question: Why are we getting this particular message? 0 -
Joe the solution you are asking about is related to securing "Apache vhosts" which will give you a bill of clean health if you use the Security Advisor direction. (This will be seen if you continue. We are setup to use prefork since we relied on the Security Advisor to secure the WHM/CPanel installation. It will let you know if your Apache shell accounts are not jailed, aloong with other security recommendations. You will also see upsells for other products. The current issue is related to a "Litespeed vhosts" system notification. LiteSpeed Web Server is an Apache alternative which requires a paid license, Note: There is a free version which is limited to one domain and 2gb of memory. The security advisor does not show this as a problem hence the big question: Why are we getting this particular message?
Interesting... Your warning: LiteSpeed vhosts are not segmented or chroot()ed. My warning: Apache vhosts are not segmented or chroot()ed. I guess I'll go make a new thread? Thanks for the clarification.0 -
Nah, no need for a new thread. The Apache warning is expected. The LiteSpeed warning is not, especially if you don't have it installed. 0 -
Right - the email notification is what this case is about. The Apache issue is something you should actually check and decide how to handle. 0 -
I've been going over these alerts and applying the recommendations. I rolled my eyes so hard about a security alert, if I don't make a purchase I'm insecure, that I think I blew out some ocular ligaments. I'm glad that this is a "bug" and that it's active and open! I do have, hopefully, a non vapid comment on the problem. I see that there is a php litespeed cpanel rpm installed. If we're not running a CloudLinux kernel, CloudLinux or LiteSpeed daemon, is it possible that the check might be triggering on this rpm? 0 -
I've given up on this issue after logging a ticket. Reasons hereunder: Ticket reply was (not a public article you have to log on): - Disable specific Security Advisor State Change notifications How about I vote to turn off all broken and spammy messages? Ticket 94515863 When you've been using software for years and you spot obvious issues voting is a frivolous activity because it's logical to you and the rest of the community. So instead of enjoying my holidays every morning I log on to find lots of messages that I have to ignore. The issue is my systems are carefully tuned across many mediums, Slack, PRTG, Email, WhatsApp, etc. Any kind of noise means I can't focus on the real problems. EDIT: After having typed this reply I see the title of this forum post now has a "In Progress" moniker attached to it. Not sure what that means but hopefully something is being done behind the scenes with regards to this. 0 -
@eugenevdm.host - I was going to say, there is a case open, and CPANEL-41951 is titled "Security Advisor can reference Litespeed even when not installed." Once the case is resolved, that will fix that area of Security Advisor, and that support article will no longer be necessary. That specific feature is five years old, but I'll bring that up with the team today to get some fresh eyes on it. Is there another area of Security Advisor you'd like to see improved? 0 -
+1 also effected by this issue. We received a security alert for both Apache and LiteSpeed, we only have Apache installed. I've actioned the recommended changes for Apache which resolved those alerts. Even if I had LiteSpeed installed I'm not sure what a LS user could do? the email message says rebuild on a new operating system which isn't happening. Seems like an abuse of this notification system IMO :/ 0 -
Potential lead, I just noticed that EasyApache has the PHP litespeed module installed (despite it not being needed). EasyApache seems to ignore me marking this to be uninstalled. :/ Perhaps this superflous package is triggering the cPanel Security Advise Notification. 0 -
@cPRex - thanks for clarification on this matter. I also have the same issue. Meanwhile, the other question (perhaps needs a new thread?) is why is jail apache using mod_ruid2 experimental (after what, a decade or more?) Does cPanel not care about security? Instead of offering a robust jailed segmented vhosts option, we are still being sold another upgrade / spend more money and purchase CageFS ? 0 -
@WorkinOnIt - I think the short answer to that is that the CloudLinux tools are amazing and do MUCH more than just jail accounts, so we don't want to reinvent the wheel when such a good tool is available. 0 -
The issue is about an error message that is not accurate which leads to wasted support hours troubleshooting a problem that does not exist, not to mention questioning confidence in the "system". The longer it takes to fix this errant notification does not help the situation. 0 -
When the case is resolved, the messages will stop being sent in error. I did reach out to our developers to let them know that many users are still seeing this warning, and while there has been some action on the case internally, I don't have much I can share at this point, other than it is being worked on. 0 -
Update - this is going to be resolved in 110. I haven't heard if this will make it into the 108 changes just yet. 0 -
Update - this is going to be resolved in 110. I haven't heard if this will make it into the 108 changes just yet.
Version 110? Holy cow, that seems pretty far out. Is there a best recommendation of which notification(s) to turn off or reconfigure in the interim (as a workaround) to stop getting these "litespeed vhost" false alarms? I've been getting the warnings almost daily.0 -
@yatesf - is it? We have released on Edge version of 110 just this last week. 0 -
I have the same issues described in this thread on my VPS that's currently at 108.0.14. The bogus Security Advisor notifications are a nuisance and tt would be nice to have it resolved before 110. 0 -
I still had that spam email coming in every few weeks even on 108.0.15 so I was kind of forced to upgrade to latest WHM build... 0
Please sign in to leave a comment.
Comments
29 comments