Bobcares
Client Area
Emergency Support
Latest | Server Management

Enable Securelink Cloudlinux: How to ?

by | Nov 14, 2022

Let us look at how to Enable Securelink Cloudlinux. At Bobcares our Server management support services can you a complete overview of the process.

 

Enable securelink cloudlinux

Enable Securelink Cloudlinux

SecureLinks is a kernel level technique that protects against every known symbolic link (symlink) attack. It improves server security even further to stop bad users from making symbolic links to files. A hacker fools Apache Web server into reading another user’s PHP config files or other sensitive files.

 

To prevent symlink attacks, change or add fs.enforce symlinksifowner=1 to the /etc/sysctl.conf file, then apply updates with: # sysctl -p

 

Setting this option will prevent any process operating under gid fs.symlinkown gid from following the symlink.  This happens if the link’s owner does not match the target file’s owner.

 

Activate SecureLinks, even if CageFS is running.

It is important to enable securelink cloudlinux even if the CageFS is running . The CageFS is particularly good at stopping most information leak attacks.

 

This won’t let a hacker obtain sensitive information from files such as /etc/passwd. However, CageFS cannot guard against symbolic link attacks in all instances.   

 

On cPanel servers, for example, it is not enabled in the WebDAV server. It is not enabled in the cPanel file management, and webmail, as well as some FTP servers. These lack enough change rooting.

 

This enables users to create symlinks or hardlinks to files such as /etc/passwd.  They can access the contents of those files using WebDAV, a file manager, or webmail.

 

We can avoid such attacks by stopping the users from creating symlinks and hardlinks to files they do not own. This si why we enable securelink Cloudlinux. 

 

Include the following line to the /etc/sysctl.conf:

 

fs.protected_symlinks_create = 1
fs.protected_hardlinks_create = 1

 

After this process, we can apply the changes with the following command line. This completes the enable securelink cloudlinux process:

 

# sysctl -p

 

We can avoid such attacks with CloudLinux OS Shared SecureLink. Prevent bad users from creating symlinks and hardlinks to files that they do not control. 

 

[Need assistance with similar queries? We are here to help]

 

Conclusion

To sum up we have now gone through how to enable securelink cloudlinux. With the support of our Sever management support services, we have completed the setup process.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

     

Related posts:

  1. Install SNMP on RHEL/CentOS/Fedora – How to perform it
  2. Migrate solusvm to proxmox – How to do it.
  3. Unable to find ostemplate – Let us fix the SolusVM error
  4. How To Use Wildcards in SQL Server?

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

Related Articles

  1. Install SNMP on RHEL/CentOS/Fedora – How to perform it
  2. Migrate solusvm to proxmox – How to do it.
  3. Unable to find ostemplate – Let us fix the SolusVM error
  4. How To Use Wildcards in SQL Server?

Never again lose customers to poor
server speed! Let us help you.

GET STARTED