Question on cPanel Security Advisor

vlee

• November 06, 2013 14:56

When I go to the cPanel Security Advisor in WHM and it reads this below Apache is not being queried to determine the actual sender when mail originates from the "nobody" pseudo-user. Enable "Query Apache server status to determine the sender of email sent from processes running as nobody" in the "Exim Configuration Manager" area's "Basic Editor" Then I find this information [url=http://docs.cpanel.net/twiki/bin/view/AllDocumentation/WHMDocs/EximMail]Mail This option allows the mail delivery process to query the Apache server to determine the true sender of a message when the nobody user sends a message. This option requires an additional connection to the webserver for each message that is sent by the user account nobody (when suPHP and mod_ruid2 are both disabled). I have disabled this since I am running suPHP. So should I ignore the information from cPanel Security Advisor since I run suPHP? OR Is it safe to run the recommended information from cPanel Security Advisor Enable "Query Apache server status"?

• 

  quizknows

  • November 06, 2013 23:30

  If you run SuPHP, mail from PHP scripts will originate from that domains cPanel user instead of "nobody." Basically, that option is irrelevant if you're using SuPHP, and I'd recommend sticking with SuPHP anyway. The only time mail comes from 'nobody' to begin with is if you're not using SuPHP (i.e. using the DSO handler).

  0
• 

  vlee

  • November 06, 2013 23:44

  [quote="quizknows, post: 1499542">If you run SuPHP, mail from PHP scripts will originate from that domains cPanel user instead of "nobody." Basically, that option is irrelevant if you're using SuPHP, and I'd recommend sticking with SuPHP anyway. The only time mail comes from 'nobody' to begin with is if you're not using SuPHP (i.e. using the DSO handler).
  Thank you good to know.

  0
• 

  cPanelNick

  • November 07, 2013 05:54

  You may still want to enable this option if you have any vhosts running as nobody (ie shared ssl host, etc).

  0
• 

  vlee

  • November 07, 2013 06:08

  [quote="cPanelNick, post: 1499682">You may still want to enable this option if you have any vhosts running as nobody (ie shared ssl host, etc).
  The only thing shared is a SSL Cert for the host name as nobody for email. So this would be safe to do even if server is using suPHP.

  0

Please sign in to leave a comment.