Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

New Cpanel Install CentOs - mysterious text files in web roots

Discussion in 'Security' started by Jeff P., Nov 18, 2016.

Tags:
  1. Jeff P.

    Jeff P. Active Member

    Joined:
    Feb 2, 2016
    Messages:
    30
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Palm Coast, Fl
    cPanel Access Level:
    DataCenter Provider
    I have a new vps with cpanel that I installed manually. I applied the typical security measures that I usually do and I am finding that these mysterious text files keep appearing in webroots. The files have MD5 generated names, or appears so, and contain the below text but each with a different md5 value. Any ideas what it is and how to stop it?

    F5771C2086E0A5B68DC55F8BE6CFA323.txt:
    96e3f0ffe1edd0566a9a9e5bed4cd0b802856025
    comodoca.com
     
  2. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    334
    Likes Received:
    95
    Trophy Points:
    28
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    I would hazard a guess that these files were part of the domain control validation that AutoSSL uses to get certificates from Comodo.

    When I first enabled AutoSSL, it wrote these files to every domain, and as the domains were issued certificates, they seem to have been removed.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Those files are utilized by the AutoSSL feature for the domain validation process. More information on AutoSSL is available at:

    Manage AutoSSL - Documentation - cPanel Documentation

    Note that we do have an internal case open, CPANEL-9887, to ensure multiple instances of those files under a single account are removed in the event that the certificate order fails.

    Thank you.
     
  4. Jeff P.

    Jeff P. Active Member

    Joined:
    Feb 2, 2016
    Messages:
    30
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Palm Coast, Fl
    cPanel Access Level:
    DataCenter Provider
    Great thanks guys, never saw this before so my host and I were baffled.
     
    cPanelMichael likes this.
  5. Jeff P.

    Jeff P. Active Member

    Joined:
    Feb 2, 2016
    Messages:
    30
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Palm Coast, Fl
    cPanel Access Level:
    DataCenter Provider
    It just keeps dumping these files into my web roots, I don't even have any SSL powered sites.

    How to I safely stop it?
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    You can disable AutoSSL if you prefer to not have the SSL certificates via:

    "WHM Home » SSL/TLS » Manage AutoSSL"

    Thank you.
     
Loading...

Share This Page