This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Sentora Secured (SFTP + suEXEC/RUID2 )
#1
Sentora Secured (SFTP + suEXEC/RUID2 )
Greetings everyone,

I know there has been plenty concern over using secure permissions with Sentora. Over the past few months I've been working hard on an UNOFFICIAL (not supported by the Sentora team) plugin that will allow secure permissions within the web hosting panel. I've named the project Sentora Secured.

This program basically does two things: (1) Create Linux users (named after the Sentora user) to use for SFTP and ownership over their own hostdata information and (2) fix most of the insecure permissions of Sentora.

With Apache, the default setup is to use a general user and group (usually "apache", "nobody", or "www-data") for every file in a persons hostdata directory. This actually makes it so that anyone can edit and modify another user's files since they're all owned and ran by the same user. With Sentora Secured, all of a persons data is owned to themselves and run through Apache using suEXEC (or RUID2 if suEXEC is not available). As a side note, it's actually preferable to use RUID2 with Apache over suEXEC so you can have the benefits of PHP OpCode caching software.

This software is very much in an alpha stage. I do NOT recommend using this in a production environment. However, I would appreciate any testers willing to help find bugs or other issues. I'm always open to new feature requests, too. You can view and download the entire project and its source code here: [ https://github.com/ekultails/sentorasecured ].

Ideally, this is something that would be implemented in the official Sentora. Since this fork of zPanel no longer relies on a Windows port there's no reason not to transition to using real Linux users (instead of pseudo Sentora and FTP users) and implementing suEXEC/RUID2 protocols for Apache users. I understand this is on the "to-do list" but hope it will be integrated one day soon.

Thank you guys for your time and I hope to see you all around the forums!
Welcome to a new age of hosting.
GalacticWebspace.com
Reply
Thanks given by: Me.B , Cantalupo , iTpain


Messages In This Thread
Sentora Secured (SFTP + suEXEC/RUID2 ) - by ekultails - 01-25-2015, 01:24 AM

Possibly Related Threads…
Thread Author Replies Views Last Post
SFTP Authentication Failed, Need to retrieve password wormsunited 9 24 ,659 01-24-2019, 05:52 PM
Last Post: fearworks
Ftp On Sentora techs221 2 9 ,135 12-29-2016, 03:06 PM
Last Post: techs221
FTP accouunt setting problem of Sentora bbloldd 3 14 ,664 08-12-2015, 09:41 AM
Last Post: james415

Forum Jump:


Users browsing this thread: 2 Guest(s)