Kernel Symlink Protection
Hello, Actually, the message you see in "WHM >> Security Advisor" is a false positive. You can safely ignore the message about the BlueHost patch, as internal case CPANEL-9914 is open to address an issue where Security Advisor falsely detects Bluehost Symlink Patch as "enabled" in EasyApache 4 and causes a false positive. I'll update this thread with more information on the status of this case as it becomes available. Thank you.
If this do you need Apache Configuration, Global Configuration. Under Directory "/" Options, enables FollowSymLinks and enable SymLinksIfOwnerMatch With enabled jailshell and EXPERIMENTAL: Jailshell Virtual Hosts using mod_ruid2?
-
If this do you need Apache Configuration, Global Configuration. Under Directory "/" Options, enables FollowSymLinks and enable SymLinksIfOwnerMatch With enabled jailshell and EXPERIMENTAL: Jailshell Virtual Hosts using mod_ruid2?
No, Mod_Ruid2 with "EXPERIMENTAL: Jailshell Virtual Hosts" enabled in "Tweak Settings" is sufficient to pass the Security Advisor symlink protection warning without changes to the Apache global configuration. Thank you.0 -
I am getting the following error in WHM Please suggest a fix Kernel does not support the prevention of symlink ownership attacks.You do not appear to have any symlink protection enabled through a properly patched kernel on this server, which provides additional protections beyond those solutions employed in userland. 0 -
I am getting the following error in WHM Please suggest a fix Kernel does not support the prevention of symlink ownership attacks.You do not appear to have any symlink protection enabled through a properly patched kernel on this server, which provides additional protections beyond those solutions employed in userland.
This is answered on the following thread:0
Please sign in to leave a comment.
Comments
3 comments