Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

My Cpanel hacked?

Discussion in 'General Discussion' started by ATEUAE, Mar 7, 2010.

  1. ATEUAE

    ATEUAE Registered

    Joined:
    Mar 7, 2010
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    51
    Hello;

    My Cpanel powered site was hacked. I was about to login to make a backup when the site didn't accept the password. Then the attacker changed some pages on the site, and started an account transfer using the new account password.

    My question is, how on earth this could have happpened?
     
    #1 ATEUAE, Mar 7, 2010
    Last edited: Mar 7, 2010
  2. thewebhosting

    thewebhosting Well-Known Member

    Joined:
    May 9, 2008
    Messages:
    1,201
    Likes Received:
    1
    Trophy Points:
    68
    This could happen if your FTP password got compromised or it may be possible with the keylogger. You will have to change the cPanel and all the FTP passwords from your cPanel and also you will have to check the FTP Logs from where your site got compromised. You can check the FTP logs through SSH from /var/log/messages. However, if you do not have an access to the server then you will have to contact your hosting provider to provide the FTP logs. Once you get the IP address from the FTP logs you can banned that IP address in your firewall.

    Moreover, also note that if you have an installed any third party tool in your web site then please make sure that you have upgraded to the latest version. Also, you have not assign the appropriate permissions to your files and folders. Do not assign the 777 permissions to your files or folders.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. wills

    wills Well-Known Member

    Joined:
    Jan 29, 2003
    Messages:
    202
    Likes Received:
    1
    Trophy Points:
    168
    Sounds like Gumbler attack. Are you running your own server? If so, search the forum for the fix.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice