Tibbers

Member
Jun 6, 2017
7
0
1
UK
cPanel Access Level
Root Administrator
Hello,
My Daily process log

i.gyazo.com/65fbc4788201ece56f0e0395ee7b245a.png

That spam uses all of the CPU and forces me to reboot the cPanel VPS to get it working again

The server is pining well during the attack.
 
Last edited by a moderator:

Tibbers

Member
Jun 6, 2017
7
0
1
UK
cPanel Access Level
Root Administrator
Please attach images to your posts.



What spam? You've got several accounts overloading the server, you should take a closer look at them and take action.
First thanks for your reply , The attacker is using a script i think spamming php functions around the websites, same files with same websites are running at the same server(Less specs) for a month now but this is an attack/spam/flood

There is no plugins to limit the usage per user? or to stop those attacks by setting timeout time or banning the spammers ip?

 
Last edited by a moderator:

Infopro

Well-Known Member
May 20, 2003
17,090
519
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
Going by your posted image above, it looks like a wordpress site login is being pounded (marceloe) and user rocket has a cron overloading the server.

Installing Modsecurity and ConfigServer firewall should be of some use. Making sure those accounts are up to date and secure should also help.
 

Tibbers

Member
Jun 6, 2017
7
0
1
UK
cPanel Access Level
Root Administrator
ModSecurity is already installed can you link me to ConfigServer firewall installtiong guide ? and is it free?

And no other plugins to limit the spam or the flood?
 

Tibbers

Member
Jun 6, 2017
7
0
1
UK
cPanel Access Level
Root Administrator
You should be able to google that name and find it in less time than it took to ask for a link. :)

Installing it is straight forward, you'll find install instructions on the listing for it at configserver.com

Yes, it's free.
I found it thanks :) and installed it too, No other suggested plugins?
 

Tibbers

Member
Jun 6, 2017
7
0
1
UK
cPanel Access Level
Root Administrator
To do what? You should check those accounts for out of date plugins and make sure the wordpress installs are up to date for starters.

Configuring CSF takes some time to properly setup. Simply installing it is helpful, but not enough.
But i've tried to suspend those account another accounts started the spam instead can't i limit the resources per user?
 

Infopro

Well-Known Member
May 20, 2003
17,090
519
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
Sounds to me like you've got a couple of rogue user accounts that should be terminated, or worse, compromised accounts that need to be looked at a bit closer. Limiting resources would only slow them down, not end the problems you're faced with.

You might want to look into hiring someone to assist you with this if you're unsure on what to do next:
System Administration Services | cPanel Forums
 

Tibbers

Member
Jun 6, 2017
7
0
1
UK
cPanel Access Level
Root Administrator
Sounds to me like you've got a couple of rogue user accounts that should be terminated, or worse, compromised accounts that need to be looked at a bit closer. Limiting resources would only slow them down, not end the problems you're faced with.

You might want to look into hiring someone to assist you with this if you're unsure on what to do next:
System Administration Services | cPanel Forums
I am sure its not a user spam that rocketfs2 is my own website and its getting attacked too.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,220
463
There is no plugins to limit the usage per user? or to stop those attacks by setting timeout time or banning the spammers ip?
Hello,

There's no such functionality in cPanel & WHM, but you may find CloudLinux helpful if you want this functionality:

CloudLinux - Main | New template

Thank you.