Domain Name Registration and Website Hosting - Easy to use Website Builder
GoWebsite provides Domain Name Registration, cPanel Hosting, Website Security, SEO, WordPress Hosting, Email Accounts, SSL Certificates, Website Builder & other Web Development Products.
Free setup! Speak with us anytime: 480-624-2500
Home Guides Glossary

Protect Your Server from ImageMagick Vulnerability

A security vulnerability in ImageMagick was announced on May 4th, 2016. If your Linux server uses ImageMagick to handle image uploads, you should make changes to your server immediately to protect it from a possible compromise.

Am I affected?

Not all hosting products are affected by the ImageMagick vulnerability.

Hosting Type Affected?
Shared Hosting (cPanel, Managed WordPress, Plesk) No
VPS or Dedicated Server with cPanel No
VPS or Dedicated server without cPanel Yes
Cloud Server Yes

If you turned automatic updates off on your cPanel server, you may still be vulnerable.

Protect your server

To protect your server from the ImageMagick vulnerability, you need to make changes to your policy.xml file for ImageMagick.

  1. Connect to your server with SSH.
  2. Locate your policy.xml file for ImageMagick. The path to this file may be different depending on your Linux version.
    Linux Versions Path
    Ubuntu
    Debian 7
    CentOS
    RHEL
    Arch Linux    		 /etc/ImageMagick/policy.xml
    Debian 8
    Fedora    		 /etc/ImageMagick-6/policy.xml
    FreeBSD /usr/local/etc/ImageMagick-6/policy.xml
    CentOS 6 with cPanel/WHM /usr/local/cpanel/3rdparty/etc/ImageMagick-6/policy.xml
  3. Open this policy.xml file in a text editor:
    sudo vim /etc/ImageMagick/policy.xml
  4. Add the following lines to the <policymap> section of the file: 
    <policy domain="coder" rights="none" pattern="EPHEMERAL" />
<policy domain="coder" rights="none" pattern="URL" />
<policy domain="coder" rights="none" pattern="HTTPS" />
<policy domain="coder" rights="none" pattern="MVG" />
<policy domain="coder" rights="none" pattern="MSL" />
<policy domain="coder" rights="none" pattern="TEXT" />
<policy domain="coder" rights="none" pattern="SHOW" />
<policy domain="coder" rights="none" pattern="WIN" />
<policy domain="coder" rights="none" pattern="PLT" />
  5. Save and close the file: 
    :wq!

Once these changes have been made, your server will be protected from the ImageMagick vulnerability.

More GoWebsite Articles
Why can't I log in to Parallels Plesk Panel Webmail? Setting up Email Using the Parallels Small Business Panel Where can I find more information about cPanel and WebHost Manager? Can I communicate with Tomcat through port 8080? What can I install on my Virtual Private Server? Changing Your Tomcat Login Credentials Tips for Server Health and Maintenance

Domain Registration

Pay less for website domain names. Register your own .com, .net or .org for as low as $10.18 per year. We have everything you need to get online with your new domain.

Website Builder

Build an amazing website in just under an hour with Website Builder. Take advantage of designs created just for your industry and then customize them to reflect your one-of-a-kind idea.

Website Security

Protect your website and keep customers safe. Your comprehensive Website Security solution. Get peace of mind by securing your websites.

cPanel Hosting

Everything needed to give your website the high-performance home it deserves.  Protect transactions and secure your customer's data with a SSL Certificate
Copyright © 2005 - 2024.  All rights reserved.  Privacy Policy