cPanel

VirtFS (Jailed Shell)

Overview cPanel & WHM uses VirtFS to provide a jailed shell environment for users who connect to a server via SSH. The jailed shell acts as a container for the user, and does not allow the user to access other users’ home directories on the server. Unlike a normal shell environment, a jailed shell environment increases  security for a server’s other users. Users in a jailed shell environment can run otherwise-unavailable...

Read More

HOW TO DISABLE SYMLINKS ON LINUX WHM/CPANEL

Login to WHM/cPanel server via SSH with root access and execute following commands: $ wget http://layer1.rack911.com/before_apache_make -O /scripts/before_apache_make $ chmod 700/scripts/before_apache_make And then recompile apache by previous saved profile: $ /scripts/easyapache That is all, you can also check for any symbolic links already created: $ find /home*/*/public_html -type l This will output directories and files...

Read More

Protecting your cPanel/WHM server from SSLv3 POODLE vulnerability

Here is a quick script for you to check if your cPanel/WHM server is vulnerable. Execute the following as root. If you get ANY cipher output, your server can be considered vulnerable. for port in 21 443 465 993 995 2083 2087 2078 2096; do echo “Scanning $port”; for cipher in $(openssl ciphers -sslv3 ‘ALL:eNULL’ | sed -e ‘s/:/ /g’); do echo -n | openssl s_client -sslv3 -cipher “$cipher”...

Read More

Apache did not start on cPanel

Error log contains: [emerg] (28)No space left on device: Couldn’t create accept lock or [crit] (28)No space left on device: mod_rewrite: could not create rewrite_log_lock Configuration Failed Checking your disk shows that you have plenty of space. The problem is that apache didn’t shut down properly, and it’s left myriads of semaphore-arrays left, owned by my apache-user. Run: pcs -s | grep nobody Removing these semaphores immediately...

Read More

How to disable php scripts execution in 777 folders

Many times malware php scripts are uploaded to sites when 777 (or just enough)  permision folders are present. Sometimes you just can’t set permissions to a secure level (because of crap applications) so you have to secure these folders another way. One solution is to use .htaccess files for example to stop direct php access/execution in that folder/subfolders : #touch .htaccess content of .htaccess: <Files *.php> Order Deny,Allow Deny...

Read More

Deleting nouser Files – cleanup after cPanel

Not many CPANEL server admin knows that when they delete user account, there are some of those user files that still left on the server. Because user has been deleted, so the files will be owned by nouser. This can be a problem when your server is highly cycled (you add and delete users very frequently) because you can hit the system user limit. This means you cant create no more user on your system. Deleting user to add another one wont...

Read More