Woke up to HIGH security advisor notification, SuExec is disabled

Answered

BobHoliday

• March 21, 2025 08:05

In the notification it suggests I click a link to go enable it. This takes me to a page showing:

The EasyApache4 Technology Preview needs to be configured via command-line tools. The WHM user interface does not currently support this Technology Preview.

I didn't opt for technology preview mode and I didn't disable or remove suExec!

What's happened? How do I fix it?

TY

• 

  William Del Piero cPanel Staff

  • March 21, 2025 13:22

  Hi,

   

  The issue you reported appears to relate to a recent case that we've opened with our developers: CPANEL-46538. In short, the Security Advisor was recently updated to correctly detect which Apache modules are installed on your server. This is the reason you are suddenly receiving this notification although you didn't remove SuExec. With that said, we've found that the URL sent along with this notification links to a script that was removed and is causing confusion for customers. You can safely ignore the URL provided in the email. If you want to install SuExec, you can follow the steps in our guide below:

   

  How to switch from mod_ruid2 to mod_suexec

   

  0
• 

  BobHoliday

  • March 21, 2025 13:31

  For some reason I had neither of them installed. On Vladimir's advice I installed SuEXEC and the warning has gone now, and all seems well. Thank you both for your help today.

  0
• 

  WorkinOnIt

  • April 16, 2025 02:04
  • Edited

  I am running suPHP and also got the "suEXEC is disabled" message... but you might not want to run both on your server - it's complex.... This is another classic problem introduced in the very buggy security advisor.... sometimes those messages can be confounding (like the "A KernelCare update is available" message, when there isn't actually one available.

   

   

  0

Please sign in to leave a comment.