modsec.conf cron job - is this supposed to happen?

**Mike Peel** · 11-06-2005 08:12 AM

I recently reconfigured the default mail setting in WHM on my server, and now I'm getting the following email every day at 2AM:

Code:

	From: 	  root@####.com
	Subject: 	Cron <root@server> wget -O /usr/local/apache/conf/modsec.conf 72.36.150.75/modsec.conf > /dev/null
	Date: 	2 November 2005 02:00:01 GMT
	To: 	  root@####.com

--02:00:00--  http://72.36.150.75/modsec.conf
           => `/usr/local/apache/conf/modsec.conf'
Connecting to 72.36.150.75:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 5,848 [text/plain]

    0K .....                                                 100%  211.52 KB/s

02:00:01 (211.52 KB/s) - `/usr/local/apache/conf/modsec.conf' saved [5848/5848]

Is this supposed to be happening? Or is there something bad going on?

**chirpy** · 11-06-2005 10:18 AM

Are you sure that's a cPanel cron job and not a third-party one - which is what it appears to be.

**fred123123** · 11-06-2005 01:42 PM

that could be your provider updating your modsec.conf file to be sure you are secure... Some are doing it for customers vps, powervps.com is an example.

You should ask your provider. 72.36.150.75 is this your provider ? if no, then chirpy is right and that should be a third party

LinkBack

Thread Tools

modsec.conf cron job - is this supposed to happen?

Are these entries supposed to be in named.conf?

Why modsec.conf Rule reset to default every cpanel upgrade

modsec error on cron

easily update modsec.conf rulesets

modsec.conf broke webmail