The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cpanel logging access from 127.0.0.1

Discussion in 'General Discussion' started by bluepine, Jun 9, 2008.

  1. bluepine

    bluepine Active Member

    Joined:
    Dec 17, 2001
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    Hello all,
    I have a server with WHM/Cpanel (bought directly from Cpanel, so nobody in the datacenter I can ask about this) and sunday something strange happened. Someone logged in a website's cpanel, deleted all email accounts and created one for himself, that he used to spam via Horde.

    I checked /usr/local/cpanel/logs/ for some details and I noticed that the IP listed there is 127.0.0.1 instead of his real IP. The user's password was not easy to guess (a random combination of letters/numbers 8 characters wide) so either he obtained it someway or was able to hack it in some other way. Anyone else had something similar happening?

    Thanks

    Stefano
     
Loading...

Share This Page