phpnuke exploit protection

Under WHM in Addon Modules, you can install the addonupdates module - this adds another option in WHM called 'Addon Script Manager'. This can be used to find PHPNuke installs, but I am not sure if it only finds versions of PHPNUke that have been installed via cPanel.

 

we are currently NOT reccomending to use PHPNuke to our clients.. also if you can, have them shut off the email function in nuke.

i'm sure there are other solutions as well..

 

have u installed PHP suEXEC ? find it in WHM/software/update apache
u can trace the spammer with that :

Have u enabled SMTP Tweak ? in Tweak Security
This SMTP tweak will prevent users from bypassing the mail server to send mail (This is a common practice used by spammers). It will only allow the MTA (mail transport agent), mailman, and root to connect to remote SMTP servers.

And i guess you could Prevent the user 'nobody' from sending out mail to remote addresses (php and cgi scripts generally run as nobody if you are not using phpsuexec and suexec respectively.) u find that in WHM/Tweak Settings

and i guess u could tell all ur customers to protect their nuke install with Sentinel