The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cPanel forwarder hack

Discussion in 'General Discussion' started by lxxd, Nov 20, 2008.

  1. lxxd

    lxxd Registered

    Joined:
    Aug 21, 2006
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Hi,

    One of our clients had their email forwarder edited to add another email address. There is nothing in logs which suggest a forwarder addition. Has anyone experienced similar issues with cPanel.
     
  2. apscinsspl

    apscinsspl Well-Known Member

    Joined:
    Mar 15, 2008
    Messages:
    112
    Likes Received:
    0
    Trophy Points:
    16
    Hello,

    No such hack reported yet but I think his cpanel password maybe hacked from his end and someone is just try to spy his mails and hence did this.
     
  3. rhenderson

    rhenderson Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    785
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Oklahoma
    cPanel Access Level:
    Root Administrator
    This could easily be done via root with direct shell edit of the /etc/valiases/domain.com file which would not be logged or with a mail manage program like Configserver and I do not think it would be logged. The code could have even been echoed to the /etc/valiases
     
  4. thewebhosting

    thewebhosting Well-Known Member

    Joined:
    May 9, 2008
    Messages:
    1,201
    Likes Received:
    1
    Trophy Points:
    38
    If you have a root access of server then check in CPanel access logs to make sure there is no access from any other IP address then yours.

    You can check the CPanel access logs at /usr/local/Cpanel/access_log
     
Loading...

Share This Page