Skip to main content

Security Advisor Errors

Dylan McKinstry

I get the following Errors and Need help to get them to go away and best way to that.

 Kernel does not support the prevention of symlink ownership attacks.

You do not appear to have any symlink protection enabled through a properly patched kernel on this server, which provides additional protections beyond those solutions employed in userland. Please review the documentation to learn how to apply this protection.

 The MySQL service is currently configured to listen on all interfaces: (bind-address=*)

Configure bind-address=127.0.0.1 in /etc/my.cnf or use the server’s firewall to restrict access to TCP port “3306”.

 suEXEC is disabled.

Enable suEXEC on the “Configure PHP and suEXEC” page.

 SSH password authentication is enabled.

Disable SSH password authentication in the “SSH Password Authorization Tweak” area

 LiteSpeed vhosts are not segmented or chroot()ed.

Consider a more robust solution by using “CageFS on CloudLinux”.

Comments

2 comments

Date Votes
  • Dylan McKinstry

    Thank you for your help on this matter.

    0
  • cPRex Jurassic Moderator

    Hey there!  Each of the options you've listed offers a method to resolve the issue in the link.  For MySQL I would recommend blocking the port in the firewall if you don't need to make any external external connections, but the rest don't really give a lot of choices.  Just follow the guide to resolve the issue and let us know if you run into any problems with that process.

    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post