Wondering how to use Apache mod_userdir Tweak? We can help you.
At Bobcares, we offer solutions for every query, big and small, as a part of our Server Management Service.
Let’s take a look at how our Support Team assist with this query.
How to use Apache mod_userdir Tweak?
This interface allows you to disable the Apache
mod_userdir module’s functionality for your users.
- We strongly recommend that you disable this access for most of your users.
- Before you use this interface, make certain that you read the Security Implications and Warnings sections below.
- If you enable Apache’s
ruby27-mod_passengermodule in WHM’s EasyApache 4 interface (WHM >> Home >> Software >> EasyApache 4), the system disables the Apache
mod_userdirmodule by default.
- You must enable this feature to allow accounts to use shared SSL certificates.
Today, let us see the steps followed by our Support Techs to enable
- Firstly, select the Enable
- Then, to enable
mod_userdirfunctionality for specific hosts, select the appropriate Exclude Protection checkboxes.
- To only allow
mod_userdirfunctionality for specific additional users to access these hosts, enter their usernames in the Additional Users text box.
- Resellers can use this feature to allow their customers to access their own websites before DNS information propagates.
- To enter multiple users, separate each account name with a space.
- Finally, click Save.
We strongly recommend that you restrict
mod_userdir functionality for most of your users.
mod_userdir can expose potential security issues.
- The system accounts for bandwidth per-host rather than per-user. If a user access another user’s content via
- Then the server will not record their bandwidth usage correctly. This can also potentially allow for one user to use the bandwidth of another.
When you disable
mod_userdir protection for a host, do not exclude the entire host, but rather exclude only specific users via the Additional Users text box.
Before you enable the Apache
mod_userdir module, make certain that you understand the following information:
- Java servlets do not work with
mod_userdir-based URLs because Tomcat requires you to add additional directives to the virtual host.Important:EasyApache 3 does not support new installations of Tomcat. As of cPanel & WHM version 76, EasyApache 4 now supports Tomcat 8.5.
- The following PHP handlers do not allow you to use the Apache
- PHP via CGI.
open_basedirprotection restricts PHP’s access to the home directory of the user who owns the base domain, not the home directory of the user account that a visitor accesses.
- If you enable
open_basedirprotection in WHM’s MultiPHP INI Editor interface, visitors cannot access some sites via the
- Websites that use
the mod_rewriteor other directives in their
.htaccessfiles will not function correctly when visitors view them through
- If you enable Apache’s
mod_ruid2module, then the
mod_userdirmodule will not function correctly.
To use Apache’s
mod_userdir module, perform the following actions:
- Make certain that the
mod_suphp moduleis installed in the Apache Modules section of WHM’s EasyApache 4 interface.
- Select suphp for each version of PHP installed on your system in the PHP Handlers section of WHM’s MultiPHP Manager interface.
Before you disable
mod_userdir protection, make certain that you understand the following information:
- While this WHM feature allows you to restrict
mod_userdirfunctionality, it does not remove the module itself.
- This feature does not list IP addresses because the
mod_userdirmodule uses virtual hosts.
- You cannot use IP addresses to configure this feature.
- If you do not protect the default host, you can access the server’s main IP address through the
mod_userdirmodule in most cases.
- If you attempt to provide protection on a dedicated IP address, the site’s contents will still display when protection is enabled.
- To disable this behavior, open the
/etc/apache2/conf.d/includes/post_virtualhost_global.conffile with a text editor and add the following line:
[Looking for a solution to another query? We are just a click away.]
To sum up, our skilled Support Engineers at Bobcares demonstrate Apache mod_userdir Tweak.