The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to prevent Local Relay CMS exploit efficiently ?

Discussion in 'Security' started by hoststage, Mar 30, 2015.

  1. hoststage

    hoststage Member

    Joined:
    Oct 12, 2012
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    DataCenter Provider
    Hello,

    It appears that we notice an drastic increase of local relay PHP mailing from out dated CMS installation or vulnerable plugins on a few servers.

    We receive the alerts in real time and we are taking actions but how to prevent it from happening ?

    Would CXS stop these exploits ? Or is there a fine cpanel security tuning that could block such script ? (don't think so)

    I thought OSWAP would include such protection but apparently, it doesn't.

    After readind many threads, no solution has ever been found to my knowledge so if this thread could close the issue once and for all, i believe it would be useful for a handful amount of cPanel users.

    We ran a few campaigns to sensibilize about the criticity to update CMS as well.

    Cheers
    Vincent
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    For PHP scripts, you could add "mail" to the disable_functions line in your PHP configuration file. The following document may also be helpful:

    How To Prevent Email Abuse

    Thank you.
     
Loading...

Share This Page