prevent symlink attack on cpanel server

From WebHostingNeeds.com
Jump to: navigation, search

Method 1

In EasyApache, final configuration page, you have option to enable

Symlink Race Condition Protection

whm-symlink.png

Read

https://documentation.cpanel.net/display/EA/Symlink+Race+Condition+Protection#SymlinkRaceConditionProtection-Rack911-providedpatch

Method 2

Edit httpd.conf

vi /etc/httpd/conf/httpd.conf

Find

<Directory "/">
    Options +ExecCGI -FollowSymLinks -Includes +IncludesNOEXEC +Indexes -MultiViews +SymLinksIfOwnerMatch
    AllowOverride All
</Directory>

Replace With

<Directory "/">
    Options +ExecCGI -FollowSymLinks +Includes +IncludesNOEXEC +Indexes -MultiViews +SymLinksIfOwnerMatch
    AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,Indexes,MultiViews
</Directory>

Run following commands to make the changes permanent.

/usr/local/cpanel/bin/apache_conf_distiller --update
service httpd restart



cpanel server setup