Symlink Attacks Solutions

This attack usually occurs after the attacker has been able to read the contents of the /etc/passwd file and has enumerated the server’s users.

The attacker then runs a script which blindly builds symbolic links (a bit like shortcuts on Windows or Aliases on a Mac) to locations where configuration files for commonly used CMS might be kept in each user’s home directory.

If you enable both of the configuration settings SymLinksIfOwnerMatch and FollowSymLinks, Apache will be vulnerable to a race condition through symlinks. This symlink vulnerability allows a malicious user to serve files from anywhere on a server that has not been protected by strict OS-level permissions.

symlink-attack

Use the following Solutions to prevent from Symlink attack valnurablities in cpanel

Filesystem-level solutions

Enable mod_ruid + jailshell for your apache webserver.

This option is very easy to enable. Simply recompile Apache and then enable Jail Apache Virtual Hosts using mod_ruid2 and cPanel® jailshell in Tweak Settings.

cageFS

CageFS is a virtualized file system and a set of tools to contain each user in its own ‘cage’. This option is available on all cPanel-supported platforms today, and it is already included with CloudLinux.

Kernel + Apache solutions

Kernel level protection, you can’t really get any better then this. Requires a custom kernel GRsec, etc., and the burden of maintaining and installing it.

Mod_hostinglimits securelinks with CloudLinux kernel

If you currently use CloudLinux, this option has already been installed. The directive will not affect VirtualHosts which do not have a specified user id.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

cPanel & WHM Version 74 Now in STABLE

cPanel has released cPanel & WHM Version 74 to the STABLE tier. It includes updates for some...

Installing cpanel on google cloud

Create a new CentOS 7 instance on your google cloud engine. From the cPanel & WHM System...

Install Free SSL Let’s Encrypt plugin in cPanel

Let’s Encrypt is a trusted, open source certificate authority that offers free SSL certificates...

Replace MySQL with Percona in cPanel Server

Percona Server is an enhanced drop-in replacement for MySQL. If you are a web hosting service...

Install nginx as a reverse proxy cPanel plugin

Install Nginx on your cPanel/WHM server using the Engintron cPanel Plugin as a reverse proxy. It...

Powered by WHMCompleteSolution