lfd on cpanelserver: System Integrity checking detected a modified system file

glmanager

Member
Jun 14, 2022
12
0
1
Chatswood
cPanel Access Level
Reseller Owner
Hi guys,

Got this alert from one of the cPanel servers (I have 2)

Time: Thu Jul 28 23:02:20 2022 +1000

The following list of files have FAILED the md5sum comparison test. This means that the file has been changed in some way. This could be a result of an OS update or application upgrade. If the change is unexpected it should be investigated:

/usr/bin/ea-php74: FAILED
/bin/ea-php74: FAILED
/usr/local/bin/ea-php74: FAILED
Please advise how it should be investigated.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
11,667
1,853
363
cPanel Access Level
Root Administrator
Checking for updates is definitely the easiest option here.

As I'm mentioned many times, we don't provide or create CSF. Although it's a great tool, the comparison checker seems to struggle each time there is an update to the server, because it doesn't have a way to know an update is coming. It's very unlikely those specific packages would be compromised, and there was likely an update to the system.