SOLVED Possibly Remove Shell PHP Exploit?

[Samet Chan]

I tried find on google isn't found where WHM Plugins or cPanel must to protection for remove the PHP Exploit self.

I pays for shared server 4plan (Ultimate) from namecheap, i just test the php exploit called b374k uploaded to sftp with public_html, to be removed. It's works fine,

I just move to new another vps server from hosting it's TransIP, then i uploaded the shell (b374k) still won't be remove, i was tried installed a CSF plugin on WHM happens nothing, also 5 minutes allow up to block connection SFTP and SSH, website is 403 forbidden.

"unmanager"
CentOS 7 Core
4GB RAM
5TB Bandwitdh
150GB SSD

 

[cPanelMichael]

Hello,

You may find a third-party utility such as CXS helpful:

ConfigServer eXploit Scanner (cxs)

Also, this document is useful for overall PHP security:

PHP Security Concepts - cPanel Knowledge Base - cPanel Documentation

Thank you.

 

[Samet Chan]

You may find a third-party utility such as CXS helpful:

ConfigServer eXploit Scanner (cxs)

If i pays this $60 to lifetime or year, monthy?

Also, this document is useful for overall PHP security:

PHP Security Concepts - cPanel Knowledge Base - cPanel Documentation

Thanks for tutorial link!

 

[cPanelMichael]

If i pays this $60 to lifetime or year, monthy?

It's a one time charge, but keep in mind it's a third-party application and isn't provided through cPanel. The website shows their full license terms at:

https://download.configserver.com/cxs/license.txt

Thank you.