cPanel Security Advisor query
Nearly all of my servers are coming up with:
[QUOTE]Apache vhosts are not segmented or chroot()ed.
Enable "Jail Apache" in the "Tweak Settings" area, and change users to jailshell in the "Manage Shell Access" area.
... but when I go to that option I get: [QUOTE]** EXPERIMENTAL: Jail Apache Virtual Hosts using mod_ruid2 and cPanel" jailshell.
So is that something I should do or not?! Cheers! Simon
... but when I go to that option I get: [QUOTE]** EXPERIMENTAL: Jail Apache Virtual Hosts using mod_ruid2 and cPanel" jailshell.
So is that something I should do or not?! Cheers! Simon
-
Hello :) Please see the description for this option: If mod_ruid2 is compiled in via EasyApache, mod_ruid2 is enabled, and a user has their shell set to jailshell or noshell, enabling this option will chroot() a user's Apache Virtual Host into the cPanel" jailshell environment. Each user will require 14 bind mounts. While modern Linux supports a very large number of bind mounts, many processes read /proc/mounts (even mkdir on RHEL 5 and CentOS 5). Reading /proc/mounts can be quite expensive when it becomes large. It is highly recommended that you do not exceed 256 jailed users unless you are using RHEL 6 or CentOS 6. I recommend verifying the OS version and the number of users on your system before enabling this option. Thank you. 0
Please sign in to leave a comment.
Comments
1 comment