The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cp-wrap push root to apacheadmin

Discussion in 'Security' started by bulk8, Mar 12, 2012.

  1. bulk8

    bulk8 Registered

    Joined:
    Mar 12, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi
    I have view /var/log/secure,I got some logs like below:
    Mar 12 08:09:43 cs useradd[23713]: new user: name=eurofeed, UID=502, GID=501, home=/home/eurofeed, shell=/bin/bash /* I have add eurofeed to my account from WHM */

    Mar 12 09:05:56 cs Cp-Wrap[28373]: Pushing "502 SORTEDRESELLERSUSERS root#012" to '/usr/local/cpanel/bin/reselleradmin' for UID: 502
    Mar 12 09:05:56 cs Cp-Wrap[28373]: CP-Wrapper terminated without error
    Mar 12 09:06:15 cs Cp-Wrap[28400]: Pushing "502 FETCHTYPES 0#012" to '/usr/local/cpanel/bin/apacheadmin' for UID: 502
    Mar 12 09:06:15 cs Cp-Wrap[28400]: CP-Wrapper terminated without error
    Mar 12 10:03:54 cs Cp-Wrap[30271]: Pushing "502 SORTEDRESELLERSUSERS root#012" to '/usr/local/cpanel/bin/reselleradmin' for UID: 502
    Mar 12 10:03:54 cs Cp-Wrap[30271]: CP-Wrapper terminated without error

    I want know what is about apacheadmin and reselleradmin,why here have use root#012 and 0#12?
    Attachments is Daily Process Log ,why here have 68 and unauthenticated?whether my server have hacked?Who can help me and tell me how to check ?Thanks!
     

    Attached Files:

Loading...

Share This Page