Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Looking for an exploited site

Discussion in 'Security' started by Remitur, Mar 26, 2019.

  1. Remitur

    Remitur Active Member

    Joined:
    Jan 17, 2018
    Messages:
    28
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Ljubljana
    cPanel Access Level:
    Root Administrator
    Hello.

    I got an abuse alert, which "something" on my cpanel server is trying a brute force against a WordPress site...
    Cool: I have the target IP and host, I have few hundereds of log lines, and I guess that the responsible is one of about 300 different WordPress sites which are hosted on my server.

    The question is: where can I look to understand what's the exploited site who is trying the attack?!
     
  2. GOT

    GOT Get Proactive! PartnerNOC

    Joined:
    Apr 8, 2003
    Messages:
    1,372
    Likes Received:
    154
    Trophy Points:
    193
    Location:
    Chesapeake, VA
    cPanel Access Level:
    DataCenter Provider
    First thing to check is the output of px auxf and see if htere are rogue processes running and who owns them. Their names are usually misleading, but if you know what is supposed to be there they should stand out. They will also usually have long processor times attached to them.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,009
    Likes Received:
    2,123
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice