CageFS, one of the most powerful security features of the CloudLinux operating system, prevents the misuse of system resources and information leakage by running each user in their own isolated virtual file system. It provides isolation between users, especially in shared hosting infrastructures.
The following commands are used to install and enable CageFS:
/usr/sbin/cagefsctl --init
This command creates the file structure for the CageFS system. It may take a few minutes. A virtual file system is prepared for users.
/usr/sbin/cagefsctl --enable-cagefs
This command enables CageFS system-wide. That is, the system recognizes CageFS and becomes ready.
/usr/sbin/cagefsctl --enable-all
This command includes all existing users in CageFS. After it runs, all hosting users work in an isolated file system.
Alternatively, to include individual users in CageFS:
/usr/sbin/cagefsctl --enable username
To remove CageFS from a user:
/usr/sbin/cagefsctl --disable username
Advantages of CageFS:
- Each user runs in a separate file system.
- Users cannot access root processes and other users' data.
- PHP attacks and symlink exploit attempts are prevented.
- It is fully compatible with LVE (Lightweight Virtual Environment).
Other Frequently Used Commands:
- Check CageFS status:
  /usr/sbin/cagefsctl --cagefs-status
- Recreate the file structure:
  /usr/sbin/cagefsctl --force-update
CageFS is an indispensable security layer of CloudLinux systems. It integrates with systems such as WHM and cPanel and provides per-user security. Once it is activated, each user works in an isolated environment, so the operations of other users do not affect system integrity.
Before applying these commands to the system, you must have root privileges and the system must be running on CloudLinux.
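The prerequisites and the init/enable sequence above, as an added example script (not CloudLinux's own tooling). It checks for root and CloudLinux before touching anything, enables only the users named on the command line, and then reports any of them still outside CageFS. It assumes /etc/redhat-release names the distribution and that `cagefsctl --user-status USER` prints Enabled or Disabled.

```shell
#!/usr/bin/env bash
# Added example: guarded CageFS rollout. Paths are overridable so the logic
# can be exercised against a stub; the defaults are assumptions about the host.
CAGEFSCTL="${CAGEFSCTL:-/usr/sbin/cagefsctl}"
RELEASE_FILE="${RELEASE_FILE:-/etc/redhat-release}"   # assumed to name the distro

# preflight UID: succeed only for root, on CloudLinux, with cagefsctl present.
preflight() {
    [ "$1" -eq 0 ] || { echo "must run as root" >&2; return 1; }
    grep -qi 'cloudlinux' "$RELEASE_FILE" 2>/dev/null ||
        { echo "not a CloudLinux system" >&2; return 1; }
    [ -x "$CAGEFSCTL" ] || { echo "$CAGEFSCTL not found" >&2; return 1; }
}

# rollout USER...: build the skeleton, enable CageFS, then enable each user.
# Stops at the first failing step so users are never enabled on a bad skeleton.
rollout() {
    "$CAGEFSCTL" --init || return 1
    "$CAGEFSCTL" --enable-cagefs || return 1
    local user
    for user in "$@"; do
        "$CAGEFSCTL" --enable "$user" || return 1
    done
}

# uncaged USER...: print every user whose status is not "Enabled".
# Assumption: --user-status prints Enabled or Disabled on stdout.
# A failing or empty status query counts as not enabled.
uncaged() {
    local user status
    for user in "$@"; do
        status="$("$CAGEFSCTL" --user-status "$user" 2>/dev/null)" || status=""
        case "$status" in
            [Ee]nabled*) ;;
            *) echo "$user" ;;
        esac
    done
}

# Run only when usernames are given on the command line.
if [ "$#" -gt 0 ]; then
    preflight "$(id -u)" && rollout "$@" || exit 1
    left="$(uncaged "$@")"
    [ -z "$left" ] || { echo "still outside CageFS:" $left >&2; exit 2; }
fi
```

Exit status 2 means the commands ran but at least one named user is still not caged, which is worth alerting on in a provisioning pipeline.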