We support this option on all cPanel & WHM platforms that run on CloudLinux™. We strongly recommend that you use this option to address the race condition vulnerability.
#BLUEHOST CPANEL INSTALL#
We offer both of these options via WHM’s Security Advisor interface ( WHM > Home > Security Center > Security Advisor).īoth of these options install the KernelCare Client, which automatically manages KernelCare software updates. If you install either option, disable the Symlink Protection option in the Global Configuration section of WHM’s Apache Configuration interface ( WHM > Home > Service Configuration > Apache Configuration). If you install the Free Patch Set and then later purchase and install KernelCare, the “Extra” Patchset will replace the Free Patch Set. KernelCare provides two patches that offer symlink protection for systems that run CentOS, 7, or 8 or AlmaLinux OS 8 kernels:Įxtra - If you purchase and install KernelCare, you can also install the KernelCare “Extra” Patchset, which includes KernelCare Symlink Protection.įree - If you do not install KernelCare, you can install KernelCare’s Free Patch Set, which includes KernelCare Free Symlink Protection.
![bluehost cpanel bluehost cpanel](https://i1.wp.com/codeless.co/wp-content/uploads/2019/04/blue-ecom.png)
![bluehost cpanel bluehost cpanel](https://loveswah.com/wp-content/uploads/9-BluehostcPanel-Login.png)
This symlink vulnerability allows a malicious user to serve files from anywhere on a server that strict operating system-level permissions do not protect. The FollowSymlinks option exposes Apache to a symlink security vulnerability. WHM’s Global Configuration interface ( WHM > Home > Service Configuration > Apache Configuration > Global Configuration) allows you to configure various Apache options that reside in the root ( /) directory.
#BLUEHOST CPANEL HOW TO#
This document explains how to implement symlink race condition protection on systems that run EasyApache 4.