Here you can find out how an attacker uses a symlink to attack your web site.
For instance,
How to prevent a symlink attack?
There are many symlink attack solutions circulating on the internet. Here you will find a comprehensive solution for this attack. We recommend the filesystem-level solution and the kernel + Apache solution given below.
CloudLinux is integrated with Apache (suexec, suPHP, mod_fcgid, mod_fastcgi). This is a core feature that will help you avoid symlink attacks. You will have good control over your system. You can find the installation of CageFS for CloudLinux here.
2) Jail Apache Virtual Hosts Via mod_ruid2 and cPanel Jailshell
3) Kernel patch solution:
To use this patch you need a custom kernel and the knowledge to install it.
+ bool "Kernel-enforced SymlinksIfOwnerMatch"
+ default y if GRKERNSEC_CONFIG_AUTO && GRKERNSEC_CONFIG_SERVER
+ Apache's SymlinksIfOwnerMatch option has an inherent race condition
+ that prevents it from being used as a security feature. As Apache
+ verifies the symlink by performing a stat() against the target of
+ the symlink before it is followed, an attacker can setup a symlink
+ to point to a same-owned file, then replace the symlink with one
+ that targets another user's file just after Apache "validates" the
+ symlink -- a classic TOCTOU race. If you say Y here, a complete,
+ race-free replacement for Apache's "SymlinksIfOwnerMatch" option
+ will be in place for the group you specify. If the sysctl option
+ is enabled, a sysctl option with name "enforce_symlinksifowner" is
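Review bot: the help text in the last `+` line stops mid-sentence at 'a sysctl option with name "enforce_symlinksifowner" is', so a reader cannot tell what the sysctl does or how it is set; the hunk should carry the rest of that sentence. The entry as quoted also goes straight from `default y if ...` to help prose with no `config` symbol line or `help` keyword visible, and the text refers to "the group you specify" without showing where that group is configured, so quote the complete Kconfig entry together with whichever option sets that group.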
The above solution is recommended by grsecurity.
4) Install Secure link for Apache:
It works by making sure that the file Apache is about to serve is owned by the same user as the owner of the VirtualHost. We pick up the owner of the virtual host from the SuexecUserGroup directive.
This makes the protection unbreakable via any race conditions, hard links or symbolic links.
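The stat-then-follow race from the grsecurity help text, next to the owner check that Secure link is described as applying, as a C sketch. This is an added example, not code from grsecurity, CloudLinux or Apache; the function names and the vhost_uid parameter are assumptions for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Racy "check, then use": stat() resolves the path once, open() resolves it
 * again. A symlink swapped between the two calls passes the check. */
int open_stat_then_open(const char *path, uid_t vhost_uid)
{
    struct stat st;
    if (stat(path, &st) != 0 || st.st_uid != vhost_uid)
        return -1;
    /* window: path may resolve to a different file from here on */
    return open(path, O_RDONLY | O_NONBLOCK);
}

/* Race-free "use, then check": open first, then fstat() the descriptor.
 * The owner tested belongs to the exact inode that will be read, so a
 * swapped symlink or a hard link to another user's file is refused. */
int open_if_owned_by(const char *path, uid_t vhost_uid)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != vhost_uid) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Usage: ./ownchk <path> <vhost-uid>   (vhost-uid is an assumed input) */
int main(int argc, char **argv)
{
    if (argc != 3) {
        fprintf(stderr, "usage: %s <path> <vhost-uid>\n", argv[0]);
        return 2;
    }
    int fd = open_if_owned_by(argv[1], (uid_t)strtoul(argv[2], NULL, 10));
    puts(fd >= 0 ? "serve" : "deny");
    if (fd >= 0)
        close(fd);
    return fd >= 0 ? 0 : 1;
}
```

The caller must read from the returned descriptor rather than reopening the path, otherwise the race window comes back.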
These are the answers to how to prevent a symlink attack.