The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Locate Compromised Site on Server

Discussion in 'Security' started by webstyler, Jan 14, 2017.

Tags:
  1. webstyler

    webstyler Well-Known Member

    Joined:
    Nov 20, 2003
    Messages:
    439
    Likes Received:
    0
    Trophy Points:
    166
    Hi

    we have receive more email alert to abuse mail adress for network attack.

    Seems 1 site inside cPanel VM are sent brute force login to remote WP

    HOW found what site on server are make this attack ?

    Thanks
     
  2. NixTree

    NixTree Well-Known Member

    Joined:
    Aug 19, 2010
    Messages:
    404
    Likes Received:
    2
    Trophy Points:
    143
    Location:
    Gods Own Country
    cPanel Access Level:
    Root Administrator
    Twitter:
    can you see if you have any process like /usr/bin/host running ? If so do a lsof -p "PID of the above process" and you can get the account which is causing this.
     
  3. Eminds

    Eminds Well-Known Member

    Joined:
    Nov 10, 2016
    Messages:
    175
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    India
    cPanel Access Level:
    Root Administrator
    This issue is not related to cpanel , you have to hire an expert in order to investigate the issue with your server.
    If your server provider is providing management services , consult with them as finding out cause of such issues needs through investigation.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page