Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Cp-wrap push root to apacheadmin

Discussion in 'Security' started by bulk8, Mar 12, 2012.

  1. bulk8

    bulk8 Registered

    Joined:
    Mar 12, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    Hi
    I have view /var/log/secure,I got some logs like below:
    Mar 12 08:09:43 cs useradd[23713]: new user: name=eurofeed, UID=502, GID=501, home=/home/eurofeed, shell=/bin/bash /* I have add eurofeed to my account from WHM */

    Mar 12 09:05:56 cs Cp-Wrap[28373]: Pushing "502 SORTEDRESELLERSUSERS root#012" to '/usr/local/cpanel/bin/reselleradmin' for UID: 502
    Mar 12 09:05:56 cs Cp-Wrap[28373]: CP-Wrapper terminated without error
    Mar 12 09:06:15 cs Cp-Wrap[28400]: Pushing "502 FETCHTYPES 0#012" to '/usr/local/cpanel/bin/apacheadmin' for UID: 502
    Mar 12 09:06:15 cs Cp-Wrap[28400]: CP-Wrapper terminated without error
    Mar 12 10:03:54 cs Cp-Wrap[30271]: Pushing "502 SORTEDRESELLERSUSERS root#012" to '/usr/local/cpanel/bin/reselleradmin' for UID: 502
    Mar 12 10:03:54 cs Cp-Wrap[30271]: CP-Wrapper terminated without error

    I want know what is about apacheadmin and reselleradmin,why here have use root#012 and 0#12?
    Attachments is Daily Process Log ,why here have 68 and unauthenticated?whether my server have hacked?Who can help me and tell me how to check ?Thanks!
     

    Attached Files:

Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice