mod_ruid + jailshell - how to enable

[postcd]

Hello,

please how can i enable mod_ruid and jailshell on my whm server?
It is adviced by this post: https://forums.cpanel.net/f185/solutions-handling-symlink-attacks-202242-p23.html#post1397221
and there too: http://www.sysadmindiaries.com/2013/07/how-to-prevent-cpanel-apache-symlink.html

It is very easy to enable. Just re-complile apache using mod_ruid2 and then enable "Jail Apache Virtual Hosts" in Tweak settings.

Currently i have suphp, suexec..

In Home »Server Configuration »Tweak Settings, Security tab,
i have "EXPERIMENTAL: Jail Apache Virtual Hosts using mod_ruid2 and cPanel® jailshell. [?]", but its grayed out, so i cant activate it..

 

[mywhm]

See Change Loog:

http://documentation.cpanel.net/display/EA/EasyApache+Change+Log


Mod Ruid2
Apache 2.2
PHP 5.4


This profile includes the modules from the Basic profile. This configuration utilizes Mod Ruid2 to improve the security of your server. We recommend that you select this profile if you use either the CGI, DSO, or the suPHP PHP handler.

*****
Implemented case 107165: Remove experimental tag from PHP 5.5 and ModRuid2

Today. ModRuid2 is not experimental.

Update cpanel and the ultimate version.

 

[cPanelMichael]

Hello

You must first compile Mod_Ruid2 via EasyApache. Then, you will see it available in:

"WHM Home » Service Configuration » Configure PHP and suEXEC"

The option you referenced will not be greyed out after you enable Mod_Ruid2.

Thank you.

 

[postcd]

In EasyApache, net to mod ruid2 it says that there will be disabled following packages (amongst others):
Disables:
Cache
Disk Cache
Mod FastCGI v2.3.9
MemCache

So i want to ask which alternative caching things i can use for the best server performance? (running wordpress blogs, joomla and more) thx

// when i added mod ruid2 and compiled easyapache, then modruid was enabled and i seen 403 forbidde errors on all websites. when i disabled mod ruid in Server settings / tweak settings / security and restarted apache, it started working again. the httpd error log file contained things like:

(13)Permission denied: ... .htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
SecurityException in Application.cpp:186: Do not have root privileges. Executable not set-uid root?
[error] mod_ruid2 domain.com GET /feed.php?f=143 HTTP/1.1 chdir to /home/virtfs/fmyusername failed

:-/

 

[cPanelMichael]

Please ensure you open separate threads for each individual issue (e.g. best cache options). As far as this error:

(13)Permission denied: ... .htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable

Check that .htaccess file to determine what it's permission and ownership values are.

Thank you.