Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

httpd: bad username possible hack......

Discussion in 'General Discussion' started by sosoalex, Jul 12, 2003.

  1. sosoalex

    sosoalex Member

    Jan 29, 2003
    Likes Received:
    Trophy Points:
    apache down today with this error ........

    its cannot be started again the user name coz if this user...

    so i go throw the httpd conf file and commend his virtual hosts...

    and start httpd and its work .......

    when i go to the /etc/passwd

    i found the user member of the root group


    also cpanel send me a warning mail saying that the user news and bin has been be in the root group

    and when i check them i found them realy memeber of group 0

    how this come......... Support Ticket Number:
  2. stdout

    stdout Well-Known Member

    Apr 10, 2003
    Likes Received:
    Trophy Points:
    Nelspruit, Mpumalanga, South Africa
    cPanel Access Level:
    Root Administrator
    Remove myuser and check for any active rootshells bound to a port using netstat -anp and verify your proccess list.

    Modify the passwords for news and bin in /etc/shadow to *.

    Verify noone besides yourself has group access /bin/su.

    Install a local firewall allowing only known services to access the NET and to also prevent users from binding 'rootshells' on random ports.

    Install phpsuexec.

    Im assuming youre using RedHat.

    Update your software packages using, up2date -u.
    Consider upgrading your kernel to the latest release -

    cat /var/log/messages | grep myuser Support Ticket Number:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice