Shine Servers

Registered
Jul 13, 2013
2
0
1
cPanel Access Level
Root Administrator
Hi,

Howday everyone, well one of our customer has a dedicated server along with cPanel/WHM. He configured backup's in such a way that the backup files were placing at Hard Disk as well as been uploaded to an different server using FTP. Few days back, an intruder get into his server and cleared his websites and hard disk backup's. Also then removed the /home , /var and other important system directories. He succeeded in making the server corrupted.
The most amazing thing that happened is, the intruder cleared his other server as well the FTP Backup's one.

That server was having his backup's and many important files. So here's my question bank :

1. How a hacker get accessed to the external server ?
2. Do cPanel store FTP details somewhere on the server ?
3. Are the details not encrypted ?
4. What can be the safest backup method to make backup's at other external server using rsync or ftp.
5. Is there anyway that we can check the system security ? That it is upto the mark.
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello :)

It's difficult to pinpoint an entry method because there are several potential methods that a hacker could have accessed a remote server (e.g. brute force). The FTP details for the remote FTP backup destination are stored in:

Code:
/var/cpanel/backups
The password is encrypted. You could switch to SFTP if you would like to use a method more secure than FTP in general. You may also want to consider consulting with a system administrator/security specialist. There are several listed at:

cPanel Application Catalog - System Admin Services

Thank you.
 

Shine Servers

Registered
Jul 13, 2013
2
0
1
cPanel Access Level
Root Administrator
Hello :)

It's difficult to pinpoint an entry method because there are several potential methods that a hacker could have accessed a remote server (e.g. brute force). The FTP details for the remote FTP backup destination are stored in:

Code:
/var/cpanel/backups
The password is encrypted. You could switch to SFTP if you would like to use a method more secure than FTP in general. You may also want to consider consulting with a system administrator/security specialist. There are several listed at:

cPanel Application Catalog - System Admin Services

Thank you.
Thanks for your reply. Seems SFTP or Rsync is the safest way then using Simple FTP.
 
Thread starter Similar threads Forum Replies Date
B Security 2