Checking which domain is sending unwanted http requests to a specific destination

Hello there
I have a CloudLinux OS(installed on a CentOs6.4) and Cpanel installed on it. It is a shared server. I have received a complaint from DATACENTER and they are saying one of my customers is doing attack to a specific website.

I know that i can see outgoing traffic using tools like IFTOP But how to know which of my domains on this server is doing this unwanted outgoing traffic to that victim website (who has complaint about the issue to our datacenter)

Thank you for your care

 

Dear michael!
Thank you for your answer. Yes we have already ConfigServer Security & Firewall
But i don't know how to use it for blocking all of the connection to specific destination on a remote location.

My Cpanel is installed on a virtual machine in a hyper-v visualization server. Could you guide me to:
First block all of the connection to the remote IP address of x.x.x.x temporary
and then how to find the website which is doing this kind of activity.

regards

 

Thank you michael!
I learned this simple IPTABLES rule to block both outgoing traffics with specific string in the HTTP header and also any traffic to any specific destination/IP address:
Block outgoing traffic to specific IP address:
iptables -A OUTPUT -d 1.2.3.4 -j DROP

Block all of outgoing traffics to specific URL:
iptables -A OUTPUT -p tcp -m string --string "URL_HERE" --algo kmp -j DROP


We can also simply write a line in hosts file to redirect any outgoing request to specific destination to be redirected to a null destination.

But my main question is how to find who did this kind of activity.
I need to know which PID is doing this unwanted outgoing traffic. I think it can be done using NETSTAT but don't know how to do it.

regards

 

Thank you quizknows
I don't want to hire anyone since i want to learn it myself. Thank you for your tips. Sadly the unwanted process is not always active.
I will follow your guide as well. If you know any other great tips please let me know. It can be a reference for others as well.
Best Regards

- - - Updated - - -

Thank you quizknows
I don't want to hire anyone since i want to learn it myself. Thank you for your tips. Sadly the unwanted process is not always active.
I will follow your guide as well. If you know any other great tips please let me know. It can be a reference for others as well.
Best Regards