security

  1. cPRex

    EasyApache January 19 Security Update

    cPanel, L.L.C. has released a security update for EasyApache 4! If you have additional questions, feel free to reach out on one of our social channels. ea-apache24 EA-11157: Update ea-apache2 from v2.4.54 to v2.4.55 EA-11167: Patch to fix sporadic 500 errors with 2.4.55 – CVE-2022-37436...
  2. L

    attached are messages from ⛔ New Security Advisor notifications with High importance

    OS CentOS v7.9.2009 STANDARD kvm cPanel Version 106.0.13 I have gotten some emails the: attached are messages from ⛔ New Security Advisor notifications with High importance What action must I take?
  3. H

    hell_exec() has been disabled for security reasons

    ErrorException shell_exec() has been disabled for security reasons in php disable function clean
  4. P

    New Security Advisor notifications with High importance - PHP 7.3 and PHP 7.4 reached EOL

    Had two of these over 2 days now. Not quite as bad as the CloudLinux spam ones, but still annoying. I know these are EOL but I have things running that are not yet stable on PHP 8 so I need to carry on with 7.3/7.4 on certain accounts. I'm hoping the warnings won't be every day. I just wish...
  5. T

    cpHulk security warning on deactived sshd service.

    Hello, I have a strange security issue. I have deactivated sshd service but cpHulk gave security me this message: A device at the “139.59.26.69” IP address has made a large number of invalid login attempts against the account “root”. This brute force attempt has exceeded the maximum number of...
  6. C

    Security Advisor Notification

    After receiving some inputs here, I finally switched the server we had from VPS to dedicated server that can run on CloudLinux. I am currently finalizing the transfer and making sure that the server runs smoothly without errors. Overnight, I received email notification that said: This...
  7. amstel

    SSL/TLS: Renegotiation DoS Vulnerability

    Hi, I have been running a security scan on one of my website. A scanner has found that issue: SSL/TLS: Renegotiation DoS Vulnerability (CVE-2011-1473, CVE-2011-5094) Summary The remote SSL/TLS service is prone to a denial of service (DoS) vulnerability. Insight The flaw exists because the...
  8. H

    Security Check Advice

    Using CSF firewall, I'm aware it's a plugin and not a cPanel product but it suggests doing so, the question is, should I: Mail Check Check exim for secure authentication (if I require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the...
  9. S

    ⛔ New Security Advisor notifications with High importance

    ⛔ High Apache Apache vhosts are not segmented or chroot()ed. Enable "mod_ruid2" in the "EasyApache 4" area, enable "Jail Apache" in the "Tweak Settings" area, and change users to jailshell in the "Manage Shell Access" area. Consider a more robust solution by using "CageFS on CloudLinux". Note...
  10. J

    lastlogin not updating properly

    OS: CentOS v7.9.2009 STANDARD Virtuozzo cPanel Version: 106.0.9 Root access: Yes Logs: No idea what logs to provide Additional support: Have not tried to get support elsewhere. Since logins involve security, I figured this should go here. If not, please move it to the correct location. Thanks...
  11. C

    Modsecurity 2.9.6 [Fix Security]

    Mod Security 2.9.6 security update released. Is it possible to update Mod security from 2.9.3 to 2.9.6? it is necessary in order to update CRS to 3.3.4 https://coreruleset.org/20220919/crs-version-3-3-3-and-3-2-2-covering-several-cves/
  12. M

    New very dangerous security bug/feature in cpanel filter function

    Today, One of my client, was hacked in a very very disturbing way. Because of nature of this hack i do not want to post details here. Can someone contact me ? The hack is connected to filter email function.
  13. C

    Revert security measures in wordPress toolkit that can't be reverted.

    Hi All, I recently used the WordPress toolkit for the first time and activated all the security measures. Unfortunately the setting "Restrict access to files and directories" breaks my Wordfence security. I believe this is the setting breaking my WordFence security. It says it can't be...
  14. K

    Security Headers

    Team, I used security headers (Analyse your HTTP response headers) to get my header to a green status. I checked my website and now my headers are all red like they have been reset. I have not made any changes to my cpanel server or my htaccess file. Has anyone ran into an issue like this...
  15. X

    cPHulk

    Hello, Can cPHulk provide protection against Brute force logins for web serves like apache, nginx, litespeed?
  16. R

    Security Advisor Locks up at Apache

    Hello, Currently, we have about 10 VPSs running CentOS 7.x. All are similar in design and software. But, on a group of older servers, as Security Advisor starts to run, it is stalled at the following... Cpanel::Security::Advisor::Assessors::Apache 1.04 Nothing in the error logs (Cpanel or...
  17. J

    Looking to stop microsoft azure bots

    Trying to stop the onslaught of microsoft azure bots. I have a script that stops the amazon ones in csf but can't find one for the microsoft flavor. Also wondering if there is a third party provider that does this for the microsoft bots integrated into mod_security. Any advise appreciated.
  18. N

    Account Transfer: careful of Security Questions (security policy on the remote server forbids it)

    Hello, Here another "Security Questions" story :) I just took almost 2 hours to figure out why I got an error during cPanel Account Transfer between remote servers. Common check for troubleshooting : The TCP ports 2083/2087 was opened in CSF. Tried to temporarily disabling Imunify360/CSF...
  19. B

    Bug (security): Jailshell is missing /etc/crypto-policies so breaks crypto-policies(7) enforcement

    cPanel v94 on Alma 8. Out of the box, the cPanel jailshell environment doesn't include the files under /etc/crypto-policies. This breaks crypto-policies(7) and can cause unexpected/undesired behavior across various processes (kerberos, (lib)openssh, (lib)openssl, etc). As one example that...
  20. I

    New - The security token in your request is invalid.

    Hi an thank you for reading. ISSUE: Several open tabs, each with different domain, times-out to "The security token in your request is invalid." and need to login again. PROCESS: (can be repeated) Open WHM in Chrome In WHM, choose domain X and click CP (Cpanel). Domain X opens in new tab...